Founded in 2013, Skedulo is a fast-growing SaaS company headquartered in San Francisco and with offices in Australia, Vietnam, and the United Kingdom. Here, we use the latest technologies and best engineering practices to deliver groundbreaking software that is making a difference around the world.
If you’re drawn to solving interesting hard problems, Skedulo is for you. Over the past 20 years, less than 5% of software investment has been focused on the needs of the world’s 2.7 billion mobile workers, and the mobile workforce is our sole focus. Join us as we build a scalable platform for the world’s largest brands working with the most respected technology partners.
Skedulo is a momentum leader in Field Service Management (based on G2 Winter 2021 rating) and is growing rapidly to meet the demands of a post-Covid world. This is a compelling opportunity to join a fast-growth, enterprise grade, SaaS based business where an outstanding mobile experience is at the heart of our product and user experience.
As a Senior Security Engineer, you'll be responsible for maintaining high availability, configuration/efficiency, and implementation of information security tools, systems, and services. You'll be working with the Engineering and Operations team to identify and respond to threats to the organisation. You'll also be responsible for developing and executing security processes, policies, and procedures in collaboration with the Director, Information Security. The Senior Security Engineer will also have an opportunity to work on complex cross-functional projects that require an in-depth understanding of multiple security domains and threat modeling. They will also be able to identify and assess risks proactively and work alongside the Engineering and Operations team to work on a solution.
- Manages regulatory compliance tasks and requirements; researches and identifies industry compliance standards and develops compliance policies
- Supports Engineering team in secure coding practices, architecture, and infrastructure development
- Leads incident response activities, and assists in breach root cause analysis
- Conducts vulnerability assessments on product developments - potential for penetration testing
- Monitors networks for security incidents, alerts, and breaches - manages SIEM systems
- Assists in developing Skedulo’s information security strategy and threat modeling
- 4-6 years in information security role (e.g., SOC, Incident Response, Penetration Testing, Security Engineering)
- 1-2 years in managing regulatory compliance framework requirements (e.g., SOC2, ISO27001, GDPR)
- Formal education in Computer Science, Information Technology, Cybersecurity. Experience in lieu of formal education is acceptable.
- Knowledge of Mobile Device Management (Microsoft Intune) security policies
- Thorough understanding of threat modeling and risk evaluation as it pertains to SaaS, and the ability to develop mitigation strategies.
Desired Skills and Experience
- Background in AWS cloud infrastructure and would be able to look at an existing landscape and interpret it
- One or more Certifications (CISSP, GWEB, GPEN, GWAPT, OSWE, OSCE, OSCP)
- Knowledge of rules and regulations related to information security and data confidentiality (GDPR, HIPAA, FedRAMP, etc.)
- Software development or scripting experience (Python, Shell, Java, JSON, Jira, etc.)
- Familiar with Cloud Native infrastructure - container orchestration knowledge, particularly Kubernetes
- Fun, creative and fast-paced working environment
- Flextime - 2 days in the office & 3 days work from home
- Competitive salary
- Stock Options/ Equity
- Paid Parental Leave
- Learning & Development Stipend
- Employee Referral Bonus
- Our offices have creative, open workspaces with room to play, reflect, and relax