Security Engineer
Who We Are: Vivid Seats is the fastest-growing online marketplace for sports, theatre, and concert tickets. We are dedicated to providing our customers with the best ticket buying experience in the industry. We offer the perks, culture, and opportunity of an entrepreneurial start-up, supported by the scale, stability, and resources of over a decade of profitable growth.
At Vivid Seats, you won't ever be a sub or sitting on the bench — we'll give you the opportunity to carry the rock or grab the mic starting day one.
If you enjoy continually looking for ways to make an impact on your team, organization, and industry, we’d like to hear from you.
Job Description: As a Security Engineer, you’ll be responsible for protecting the confidentiality, availability, and integrity of Vivid Seats information assets. This position will advance and support Information Security best practices at Vivid Seats. The Information Security team will focus on driving the design, implementation, maintenance, and culture of security and technology functions for Vivid Seats products and services.
Responsibilities:
- Integrate with internal engineering teams providing frameworks to build, design, and implement products across the organization securely
- Review new and existing products and services for vulnerabilities
- Assess the health and security of internal network architectures
- Analyze and prioritize reports from external researchers; facilitate confirmed issues to resolution with engineering teams
- Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures
- Assist in the design and delivery of disaster recovery plans that meet compliance related recovery objectives
- Provide training to the Vivid Seats community, fostering a security best practice culture
- Support and assist in developing ongoing roadmap for security related projects
Desired Skills and Experience:
- 3+ years of combined experience in information security, technology, and risk management with at least 1 year experience focusing on information security
- Extensive knowledge of current and emerging IT security technologies and techniques covering all levels of cloud and local IT architecture
- Understanding of application security concepts (such as the OWASP top 10) with the ability to articulate concepts to technical and non-technical staff
- Vulnerability management experience across multiple operating systems, databases, and applications, remediating issues with technical staff
- Knowledge of disaster recovery and business continuity principles and practices
- Experience in TCP/IP networking, firewalls and virtual private networks (VPN)
- Understanding of current encryption standards and implementation procedures
- Ability to work with engineering teams to weigh business risks and enforce appropriate security measures in support of a Continuous Integration / Continuous Deployment environment
- Experience with incident management and threat remediation including threat analysis, isolation, identification, and eradication
- Ability to handle multiple complex, long term projects simultaneously
- Knowledge and experience with control frameworks such as ISO, NIST, CobiT, and PCI
- Passion for technology and information security
- B.A. or B.S. in Computer Science, Information Management, or relevant field
- CISSP is a plus
What We Offer: Vivid Seats offers competitive compensation, individual and team-based bonus opportunities, aggressive promotion timelines, and a variety of workplace perks. Specifically, staff has access to discounted event tickets, frequent in-office catered meals, office happy hours, team outings, free in-building gym membership, subsidized healthy meal and snack programs, and team sports leagues. Standard benefits include medical/dental/vision/life insurance, paid family leave, 401(k) plan with employer match, flexible hours and paid time off, and transit plan discounts.
Vivid Seats is an equal opportunity employer. Vivid Seats prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, national origin, age, disability or genetic information.