We are looking for a Security Engineer to join the Security & Privacy team at Figure, focusing on designing, implementing, and managing vulnerability discovery and remediation across enterprise and Cloud environments.
Responsibilities- Develop systems and tools to improve the security posture of Figure's enterprise infrastructure, touching domains such as client platform, corporate networks, as well as SaaS infrastructure
- Build and manage automation for vulnerability management, and help Figure prioritize and address vulnerabilities across the infrastructure
- Identify, triage, and remediate vulnerabilities and misconfigurations for cloud infrastructure and Figure's backend services
- Design and implement security controls for securing backend services and cloud infrastructure at Figure
- Review and provide security guidance company wide for infrastructure systems, account lifecycle, fleet management and automation.
- Define and contribute to the team's operational duties (e.g. security reviews, consulting, and on-call), identify areas of improvement by delegating work, improving automation, and runbooks.
Requirements- Experience in several of the following Enterprise Security Domains: Zero Trust/Beyond Corp, Endpoint Security, Cloud Security, Data Loss Prevention, Cryptography and PKI, SaaS Security.
- Strong understanding of federated authentication/authorization technologies (e.g., SAML, SCIM, OPA, OIDC).
- Strong understanding of network security mechanisms, including mTLS, 802.1X, SSH, DNSSEC, Certificate transparency, VPN, and others
- Experience developing and deploying services in multi-cloud environments, preferably one of the following Azure, AWS or Google Cloud Platform
- Strong software engineering (beyond scripting or automation) skills in C/C++, Rust, Golang, Python or similar.
- Experience in common tools and processes of adjacent security domains, esp. Detection and Response.
- Solid knowledge of operating system internals, and experience with several of the following areas: Identity and Access, OS Hardening (macOS, Windows, Linux, ChromeOS), SaaS Security or Assurance and Validation
- Bachelor of Science in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
- 6+ years of experience as an Enterprise/Cloud focused Security Engineer
- Excellent verbal and written communication skills, with high attention to detail
The US base salary range for this full-time position is between $150,000 - $350,000 annually.
The pay offered for this position may vary based on several individual factors, including job-related knowledge, skills, and experience. The total compensation package may also include additional components/benefits depending on the specific role. This information will be shared if an employment offer is extended.
