Senior Security Operations Engineer (Remote)
Remote•March 17, 2025
ABOUT BESTOWBestow is the leading digital platform for life insurance. As both a direct-to-consumer destination and an infrastructure provider, Bestow is on a mission to make life insurance accessible to millions of underserved families. We strive for work-life balance and believe happy employees make for better experiences and happier customers. It’s a model that helped us land on Forbes’ Best Startup Employers 2021 and 2022 lists!ABOUT THE TEAM As our Senior Security Operations Engineer, you will be critical in supporting our company-wide information security/privacy risk and governance program. You will be responsible for setting up and running the security & privacy operational task to keep our customers and our company data safe. With your technical skills, the successful candidate will have deep experience implementing security practices, guidelines, and recommendations. Your strong partnership with co-workers will help these process owners be successful during audits. Our team thrives in highly independent and autonomous work culture and values mentorship and learning.Open to Austin, TX, Dallas, TX, Remote (US) #LI-Remote
ABOUT THE ROLE
- Collaborate with the Chief Security Officer (CSO) to assist with developing, maintaining, and implementing security standards.
- Partner with IT to ensure secure implementation of access controls and identity management
- Lead initiatives for the operating system, docker images, Kubernetes/GKE, and configuration hardening in the public cloud
- Design and implement comprehensive vulnerability and patch management programs
- Advise technical IT teams on remediation steps for vulnerabilities identified with scans or penetration tests
- Lead and collaborate with IT, Legal, Finance, Insurance Operations, External Examiners, and business areas appropriate during compliance exams
- Own the day-to-day operations of security scanning and web penetration testing tools
- Implement security monitoring measures to secure the production environment
- Serve as a technical advisor and provide regular metrics and updates on the state of the environment
- Continuously look for opportunities to improve our security tooling, apparatus, and best practices
THIS ROLE REPORTS TO
- Manager, Cloud Engineering
YOUR EXPERIENCE
- 5+ years of Information Security Experience
- Working experience with the Google Cloud Platform (GCP) or AWS
- Hands-on experience with automation and scripting such as Terraform and Shell/Python scripts
- Experience with managing penetration testing of web applications, network devices, and cloud configurations
- A self-starter, comfortable working with cloud infrastructure, software development, and information security risk issues
- Knowledge of information technology and/or software development risk management frameworks, including compliance practices
- Knowledge of NIST CSF and implementing Information Security Controls
- Ability to implement security policies, standards, and guidelines based on best practices and industry frameworks
- Excellent interpersonal, communication, and presentation skills, including formal report writing experience
- Industry security certifications (i.e. CCSP, CCSK, CCSE for cloud security) are a plus