At Justworks, you’ll enjoy a welcoming and casual environment, great benefits, wellness program offerings, company retreats, and the ability to interact with and learn from leaders in the startup community. We work hard and care about our most prized asset - our people.
We’re helping businesses get off the ground by enabling them to focus on running their business. We solve HR issues. We’re data-driven and never stop iterating. If you’d like to work in a supportive, entrepreneurial environment, are interested in building something meaningful and having fun while doing it, we’d love to hear from you.
We're united by shared goals and shared motivations at Justworks. These are best summed up in our company values, which are reflected in our product and in our team.
If this sounds like you, you’ll fit right in.
Who You Are
We’re looking for a Senior Information Security Analyst who can work cross-team with all areas of the company to develop security safeguards and countermeasures to protect Justworks assets, employees and customers. The successful candidate should have an in-depth knowledge in security and should have experience working in all areas related to security. The individual will be working in core areas in security related to vendor security, customer security, security audits, security engineering and architecture, AWS security, security audits, security training and awareness and any other area based on the need. The candidate should also have experience in *Nix environment and the use of common cybersecurity tools
Your Success Profile
What You Will Work On
- Perform vendor security assessment, facilitate in customer security
- Perform incident response, security investigations using tools such as EDR, SIEM, AWS security tools and other
- Perform configuration, network and application technical vulnerability assessments, pentests if needed and work with teams to remediate identified issues
- Develop monitoring and detective capabilities through technologies such as DLP, MDM etc.
- Drive compliance, implement policies and security best practices
- Work with internal teams in implementing security policies and procedures
- Implement security training and awareness that align with current needs of the organization and the industry
- Evangelize a proactive culture of security to the rest of the company through education, trust and empathy
- Adopt a data driven, evidence based approach to security
- Performs any other related duties as assigned.
How You Will Do Your Work
As a Senior Information Security Analyst, how results are achieved is paramount for your success and ultimately result in our success as an organization. In this role, your foundational knowledge, skills, abilities and personal attributes are anchored in the following:
- Attention to detail - In conducting incident response, the ability to pay attention to detail, conduct attack path analysis, identify the root causes, loopholes and the implement best practices to minimize attacks
- Good judgment - the exercise of critical thinking, analyzing and assessing problems and implications, identifying patterns, making connections of underlying issues, understanding risks and developing mitigation strategies, and taking ownership of the outcome.
- Resourcefulness - Taking a can-do approach, even in the face of obstacles and constraints by assessing what’s in front of you and effectively and efficiently optimizing what you have, whether it's working on something new or thinking about how to do something better.
- Teamwork and communication - Putting our collective best together through documentation, collaboration, relationship-building, listening, empathy, recruiting, and evangelism.
- Influence and leadership - Fostering a community of knowledge-sharing, collaboration, mentorship, and forward-thinking.
- Skills and knowledge - The capacity to actively learn and apply specific domain knowledge, know-how, and best practices to continually enhance and improve.
In addition, all Justworkers focus on aligning their behaviors to our core values known as COGIS. It stands for:
- Camaraderie - Day to day you can be seen working together toward a higher purpose. You like to have fun. You’re an active listener, treat people respectfully, and have a strong desire to know and help others.
- Openness - Your default is to be open. You're willing to share information, understand other perspectives, and consider new possibilities. You’re curious, ask open questions, and are receptive to thoughts and feedback from others.
- Grit - You demonstrate grit by having the courage to commit and persevere. You’re committed, earnest, and dive in to get the job done well with a positive attitude.
- Integrity - Simply put, do what you say and say what you'll do. You’re honest and forthright, have a strong moral compass, and strive to match your words with your actions while leading by example.
- Simplicity - Be like Einstein: “Everything should be made as simple as possible, but no simpler.”
- Minimum of 5 years experience working in information security
- A proven track record in security operations and in-depth security investigations
- Experience with *Nix, MacOS, cloud infrastructure preferred
- Strong Python and/or Bash scripting is a plus
- Solid experience in using security tools and technologies such as, DLP, SIEM, EDR, MDR, MDM
- At least 4 years of experience in AWS security
- Completed academic or a professional qualification in cybersecurity or related. If not, certified in one or more of the following CISSP, OSCP, CEH, GIAC (GXPN, GCIH, GCFA, GCIA, GWAPT, GPEN)
- Knowledge of computing and security concepts, and demonstrated understanding of networking fundamentals including subnetting, TCP/IP, protocols such as SSL/TLS, DNS, HTTP, SSH, etc.
- Strong communication, team working skills, agility to work on any area related to security based on need, organization and interpersonal skill
Please Note: In accordance with New York City public health requirements, and because this position requires onsite work, this position will require the successful candidate to show proof of vaccination against COVID-19. As an equal opportunity employer, Justworks will provide reasonable accommodation to those individuals who are unable to be vaccinated consistent with federal, state, and local law.
Diversity At Justworks
Justworks is committed to maintaining a workplace where diversity of identity, culture, and life experience is the norm and is celebrated authentically and respected consistently. Diversity in our work, our people, and our product drives creativity and innovation, entrepreneurial leadership and integrity, competitiveness, and collaboration throughout our business and in the market. We depend on our differences to make our team stronger, our workplace more dynamic, and our product accessible to all of our customers.
We’re proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, veteran status, or any other legally protected status.