The Information Security team at Root strives to lower the risk within the organization, while enabling transformative technologists to do their cutting-edge work. As an Information Security Engineer you’ll be joining a small team dedicated to securing Root, having a large opportunity to influence the how we build and secure these systems.
We're searching for someone with strong vulnerability management and remediation experience along with AWS architecture/infrastructure experience. You'll work with various stakeholders including our IT, Infrastructure (Reliability), Information Security & Development teams to ensure that vulnerabilities are detected and fixed in a timely manner. This position provides a unique opportunity to work in a rapidly growing, inclusive environment, and to assist with projects beyond the scope of a traditional Information Security Engineer.
What you'll be doing.
- Configure and execute vulnerability scans across the enterprise.
- Assess vulnerability risk and coordinate remediation activities with IT, Infrastructure (Reliability), Information Security & Development teams.
- Track and improve SLAs for vulnerability management.
- Report remediation of discovered vulnerabilities to various levels of the business.
- Drive continual improvement and innovation in the vulnerability management space.
- Participate in on-call duties related to vulnerability management.
- Investigate network intrusions and other cyber security incidents to understand the cause and extent of the incident.
- Investigate phishing and self-identified potential cyber threats.
- Manage the chain of custody for all evidence collected during incidents and security investigations.
- Summarize events/incidents effectively to different stakeholders such as legal counsel, executive management and technical staff, both in written and verbal forms.
- Ability to take ownership of projects with a strong sense of urgency, and to perform tasks with minimal supervision
What we're looking for.
- 5 years of experience in Information Security or Application Security engineering role.
- Experience in configuring and trouble-shooting vulnerability scanning tools such as Tenable/Nessus essential.
- Scripting skills (e.g. Perl, Ruby, Python, PowerShell, Shell scripting).
- Experience with Amazon Web Services Architecture/Infrastructure
- Experience working under strict compliance requirements.
- Experience working in a fast growing environment with diverse teams and technologies.
- In-depth understanding of various operating systems, TCP/ IP networking (TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) and public cloud technologies.
- Familiarity with risk assessment methodologies.
- CISSP, CISM, SANS GSEC, CEH or equivalent certifications a plus.
At Root, we judge people based on the merit of their work, not who they are. Very few (if any!) people will fit every description; so if you are passionate about what this role entails, and are excited by solving real problems, we encourage you to apply; we want to learn about you, and what you can add to our team!
Who we are.
Root Insurance is the nation’s first licensed insurance carrier powered entirely by mobile. We were founded on the belief that the services you need for everyday life should serve you better. That’s why we base insurance coverages on you, not your demographic. It’s the way insurance should be. And it’s all conveniently in an app.
What draws people to Root.
We’re a rapidly scaling technology company. Our early success is in large part due to our unwavering standards in hiring. We recognize that our product is only as good as the people building and promoting it. We look for individuals who find solutions by going through the cycle of ideation to implementation with curiosity, rigor, and a highly analytical lens. Ask anyone who works here and you’ll hear similar reasons for why they joined:
Autonomy. For assertive self-starters, the opportunities to contribute are limitless.
Impact. By challenging the way it’s always been done, we solve problems that have a big impact on our business.
Collaboration. We encourage rich discussion and civil debate at every turn.
People. We are inspired by the collection of crazy-smart people around us