Senior Director of Global Talent Acquisition at StockX - We're hiring!
About the role:
This hands-on security engineering position will be part of StockX's Information Security Cloud & Application Engineering team, leading efforts to enhance the security of software development practices. Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance. This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT.
What you’ll do
Assist software development architects on secure coding and architecture practices
Assist with metric collection and application methodologies for internal information risk management efforts
Consult with teams to ensure data is properly handled throughout our environment
Collaborate with business, technology, project management, architecture and information security teams to deliver secure solutions that support our business
Serve as a liaison between the business and IT for technical security projects
Stay current on information security practices
Perform qualitative risk assessments on systems and applications
Work with information security analysts to ensure visibility and security controls are implemented and maintained
Enhance technologies and processes for information security analysts
Participation in one or more of the following:
Maintaining the organization’s security information tools (AlienVault, Snyk, GitGuardian, ServiceNow, etc)
Conducting code reviews and assisting with remediations across multiple apps and services (PHP, React, iOS, Android, NodeJS, etc)
Help drive the shift left movement within StockX by implementing tooling within our CI/CD pipelines (DevSecOps)
Driving best practices for AWS Cloud Security in greenfield projects, reviewing current practices, and auditing current policies/infrastructure
Serving as a liaison between Compliance and Engineering to ensure we are meeting our regulatory requirements
About you
3 years in a technical IT security role
GIAC, GSEC, OSCP or other security certifications preferred
Experience with web application security, including OWASP Top 10 vulnerabilities
Familiarity with SecDevOps and CI/CD best practices
Knowledge of cloud security, including AWS
Knowledge of container security, including Docker or Kubernetes
Excellent communication and interpersonal skills
Strong problem-solving skills and attention to detail
Willingness to learn and get up to speed quickly.
Excellent analytical, organizational, and communication skills. Ability to say No.
Experience and ability to mentor senior and junior engineers in the team for best outcomes.
Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.
Pursuant to the various pay transparency laws/acts, the base salary range is $120,000 to $145,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.
Seniority level
Associate
Employment type
Full-time
Job function
Information Technology
Industries
Software Development, Computer and Network Security, and IT System Custom Software Development
Referrals increase your chances of interviewing at StockX by 2x