Lead Security & Compliance Engineer
Who We Are:
Mobiquity is a digital engagement provider that strategizes, designs, builds, and optimizes data-driven solutions for more than 200 leading brands around the world. We are a collective of unique individuals - over 300 employees spread across 3 continents and 9 offices - with a mission to humanize digitalexperiences.
Our team of consultants, designers, engineers, and data scientists engages consumers, patients, and employees across all channels (including mobile, web, Internet of Things, and voice).
Each day, 50 million users interact with Mobiquity’s solutions – for accessing weather information and placing mobile orders to tracking patient trends and receiving continuous care™.
We work within a wide variety of industries and have deep expertise in sectors including healthcare, consumer, retail, communications, and financial services.
We’re also proud to be an Amazon Web Services (AWS) Premier Consulting Partner with competencies in IoT, Mobile, Healthcare, and Life Sciences, as this top-tier honor is one of many qualifications that differentiates us from the rest.
Reporting directly to the VP of Engineering, and working with other members of the security team, project delivery, Operations, and IT teams. This role is responsible for the overall quality and productivity of the security team.
· Ensure new projects are scoped, implemented and deployed in a secure manner;
· Provide security expertise on customer project delivery teams throughout the Mobiquity Software Development Lifecycle (SDLC)
· Maintain, apply, and enhance securityarchitecture, development, testing, operations, and compliance standards throughout the organization;
· Provide security and compliance subject matter expertise and consultation to internal Business Units and to Customers;
· Coordinate with the IT, Operations, and Delivery teams to ensure adherence to strong SDLC tools and processes and training in secure coding and testing best practices;
· Perform security/compliance internal audits on new projects;
· Perform risk assessments on vendors, tools and processes;
· Maintain and oversee execution of security policies;
· Advise on strategy for new and existing compliance standards for Mobiquity and customers;
· Consult with Labs team on projects and strategies related to research in security and compliance;
· Support security/vulnerability incident responses;
· Consult with IT and Delivery teams on forensic analysis of breaches and exploits;
· Maintain, apply, and enhance a set of materials for internal and external use related to Mobiquity security and compliance posture and on-going expertise;
· Contribute to writing a periodic blog post and other market-facing content on topical security & compliance subjects;
· Be prepared to participate as a member of the Mobiquity Corporate Security Team;
· Represent Mobiquity with industry leaders, analysts and standards bodies in areas related to security and compliance;
· Provide othersecurity, compliance, and technical tasks as assigned by the VP of Engineering.
· Knowledge of stack exploitation in C based languages
· Experience with Mobile reverse engineering tools i.e. Cycript, jadx, hopper, etc
· Ability to understand, explain, and demonstrate various security vulnerabilities & risks including XSS, CSRF, Code Injection, MitM, Brute-force/Dictionary/Rainbow Table attacks,
· Experience supporting in company wide audits for regulations such as PCI or HIPAA, or other company certifications such as ISO 27001 or SOC2
· Experience defining and delivering security training to security professionals, engineers, and non-engineers
· Demonstrable history of security centric publications, conference presentations, blog posts, etc…
· Experience with AWS technologies and recommended security best practices
Recruiting Agencies: While we really do appreciate what you do, and how challenging it can be, don’t do it. Please do not send us unsolicited resumes, either to our employees, job listings, or recruiting team. (We call those “free leads”). Mobiquity is not responsible for any fees related to unsolicited resumes.
Mobiquity is an equal opportunity employer. We feel strongly that the best ideas come from all sorts of directions and sources, and cutting ourselves off from anyone due to our own biases is simply bad business, as well as bad citizenship.