Justworks
At Justworks, you’ll enjoy a welcoming and casual environment, great benefits, a wellness program, company retreats, and the opportunity to learn from leaders in the startup community. We work hard and care about our most prized asset – our people. We’re helping businesses get off the ground by enabling them to focus on running their business. We solve HR issues, are data‑driven, and never stop iterating. If you’d like to work in a supportive, entrepreneurial environment and build something meaningful while having fun, we’d love to hear from you. We’re united by shared goals and motivations, and our company values are reflected in our product and team.
Who You Are Justworks is looking for an experienced, hands‑on Senior Security Engineer to drive our Security Architecture & Engineering function. You will handle multiple security domains including network, infrastructure, application security, IAM, and data protection. You will collaborate across the Security department, working closely with Security Operations and GRC functions. An ideal candidate has a proven track record of building security solutions and managing company security postures. Comfortable coding in Ruby on Rails, JavaScript or other similar languages, you’ll prefer experience in Linux environments and proficiency with common cybersecurity tools.
Success Profile What You Will Work On
Evaluate existing security controls and identify opportunities to enhance Justworks’ security posture.
Own Exposure Management, covering vulnerability management, misconfiguration management, end‑of‑life management and the bug bounty program.
Improve our security posture through strengthened vulnerability scanning, penetration testing and exposure remediation; be the SME for all scanning tools and exposure management platforms.
Implement security capabilities in SaaS and IaaS (AWS, GCP, Azure, etc.) and enterprise environments while executing and delivering the security roadmap.
Support the overall Justworks Security organization across multiple domains such as network & infrastructure, application security, identity & access management, data protection, Security Operations and GRC.
Work cross‑functionally with technology teams to embed enterprise security capabilities into solution architecture.
Support major new product development projects to ensure that appropriate security controls are built into systems before production cutover.
Drive process improvement and control implementation projects in coordination with the Digital Technology team.
Act as a cross‑functional tools and services expert, working with engineering, risk and security operations teams to build security control requirements.
How You Will Do Your Work
Good judgment – exercise critical thinking, analyze problems and implications, and develop mitigation strategies while owning outcomes.
Resourcefulness – take a can‑do approach, optimize what you have and continue improving.
Teamwork and communication – build relationships, listen, recruit and evangelize.
Influence and leadership – foster a community of knowledge sharing, mentorship and forward‑thinking.
Skills and knowledge – actively learn and apply domain knowledge, best practices and continually enhance and improve.
Qualifications
5+ years experience in information security concepts, technical control design, and security architecture principles, ideally in a SaaS environment.
Technical expertise in SAST, DAST, and penetration testing of cloud products and deployments.
Experience with endpoint security such as laptop, mobile device, browser, email and network security.
Hands‑on experience with Secure‑SDLC processes and DevSecOps, including threat modeling, vulnerability management, etc.
Familiarity with secure coding practices and security scanning technologies.
Strong experience in threat and exposure management.
Extensive experience in security architecture, system design, and engineering scalable security solutions in a cloud‑native (AWS) environment.
Deep knowledge of identity and access management.
Experience with DevOps, Jira and other agile automation tools.
Proven strong communication, analytical and organizational skills.
Preferred: Security certifications such as CISSP, CRISC, GIAC, CCSP or CEH.
The base wage range for this position based in our New York City Office is targeted at $167,500.00 to $205,000.00 per year. Actual compensation is based on a range of factors unique to each candidate, including skill set, experience level, and specific work location.
Diversity Justworks is committed to maintaining a workplace where diversity of identity, culture, and life experience is the norm and is celebrated authentically and consistently. We are an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital or familial status, disability, pregnancy, gender identity or expression, veteran status, genetic information, or any other legally protected status. We provide reasonable accommodations to candidates with disabilities and employees based on sincerely held religious beliefs.
#J-18808-Ljbffr
Who You Are Justworks is looking for an experienced, hands‑on Senior Security Engineer to drive our Security Architecture & Engineering function. You will handle multiple security domains including network, infrastructure, application security, IAM, and data protection. You will collaborate across the Security department, working closely with Security Operations and GRC functions. An ideal candidate has a proven track record of building security solutions and managing company security postures. Comfortable coding in Ruby on Rails, JavaScript or other similar languages, you’ll prefer experience in Linux environments and proficiency with common cybersecurity tools.
Success Profile What You Will Work On
Evaluate existing security controls and identify opportunities to enhance Justworks’ security posture.
Own Exposure Management, covering vulnerability management, misconfiguration management, end‑of‑life management and the bug bounty program.
Improve our security posture through strengthened vulnerability scanning, penetration testing and exposure remediation; be the SME for all scanning tools and exposure management platforms.
Implement security capabilities in SaaS and IaaS (AWS, GCP, Azure, etc.) and enterprise environments while executing and delivering the security roadmap.
Support the overall Justworks Security organization across multiple domains such as network & infrastructure, application security, identity & access management, data protection, Security Operations and GRC.
Work cross‑functionally with technology teams to embed enterprise security capabilities into solution architecture.
Support major new product development projects to ensure that appropriate security controls are built into systems before production cutover.
Drive process improvement and control implementation projects in coordination with the Digital Technology team.
Act as a cross‑functional tools and services expert, working with engineering, risk and security operations teams to build security control requirements.
How You Will Do Your Work
Good judgment – exercise critical thinking, analyze problems and implications, and develop mitigation strategies while owning outcomes.
Resourcefulness – take a can‑do approach, optimize what you have and continue improving.
Teamwork and communication – build relationships, listen, recruit and evangelize.
Influence and leadership – foster a community of knowledge sharing, mentorship and forward‑thinking.
Skills and knowledge – actively learn and apply domain knowledge, best practices and continually enhance and improve.
Qualifications
5+ years experience in information security concepts, technical control design, and security architecture principles, ideally in a SaaS environment.
Technical expertise in SAST, DAST, and penetration testing of cloud products and deployments.
Experience with endpoint security such as laptop, mobile device, browser, email and network security.
Hands‑on experience with Secure‑SDLC processes and DevSecOps, including threat modeling, vulnerability management, etc.
Familiarity with secure coding practices and security scanning technologies.
Strong experience in threat and exposure management.
Extensive experience in security architecture, system design, and engineering scalable security solutions in a cloud‑native (AWS) environment.
Deep knowledge of identity and access management.
Experience with DevOps, Jira and other agile automation tools.
Proven strong communication, analytical and organizational skills.
Preferred: Security certifications such as CISSP, CRISC, GIAC, CCSP or CEH.
The base wage range for this position based in our New York City Office is targeted at $167,500.00 to $205,000.00 per year. Actual compensation is based on a range of factors unique to each candidate, including skill set, experience level, and specific work location.
Diversity Justworks is committed to maintaining a workplace where diversity of identity, culture, and life experience is the norm and is celebrated authentically and consistently. We are an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital or familial status, disability, pregnancy, gender identity or expression, veteran status, genetic information, or any other legally protected status. We provide reasonable accommodations to candidates with disabilities and employees based on sincerely held religious beliefs.
#J-18808-Ljbffr