If interested, please contact catherine@3pandt.com

Location: Sunnyvale, CA

Join the Fintech and SaaS revolution that is helping small businesses grow faster and get the technology and insights previously available only to the “big guys.” You will be part of an entrepreneurial team working in a fast-paced and high growth environment, with the benefits of a parent company, that is the largest payments processor and merchant acquirer worldwide. 

Our client delivers the leading Point of Sale system with an elegant end-to-end solution that incorporates beautiful devices, cloud-based POS software, payments processing, platform API’s for third-party developers, and an ecosystem with over 220 apps. The platform delivers solutions in a scalable and modular fashion that powers tiny merchants through large football stadiums, supporting millions of transactions daily.

As an Infrastructure Security Engineer, you will work closely with the Engineering and Technical Operations teams, helping to ensure the security of our infrastructure and payments platform.

Responsibilities:

  • Assess infrastructure and web environments to help identify and prioritize risks and vulnerabilities

  • Perform red team exercises, conduct internal pen-tests on web applications and infrastructure, internal social engineering exercises, etc.

  • Participate in our bug bounty program by triaging infrastructure-related reports

  • Handle infrastructure security incidents and perform investigations

  • Harden network infrastructure including VPN, wireless, and endpoint security

  • Evaluate and recommend infrastructure security tools

  • Evaluate and deploy critical patches needed for production systems

  • Design, configure and maintain production IDS and NIDS systems

  • Help with periodic risk management reviews in concert with Engineering, Technical Operations and upper management

  • Participate in IT and security audits

Requirements:

  • Experience with internal and/or external penetration testing

  • Experience with popular security tools such as Kali Linux, Metasploit, Hashcat, Burp Suite, Shodan, etc.

  • Experience with common security scanning tools (e.g. Nessus, Qualys, IBM AppScan, etc.) is a plus

  • Experience with HIDS and NIDS tooling (OSSEC, Snort, Bro, Suricata, etc.)

  • Solid coding skills (Python or Java is a plus)

  • Experience with reverse engineering tools such as IDA Pro (preferred)

  • Experience with security incident management and response

  • Strong networking and infrastructure experience

  • Highly proficient in Linux and OS Internals

  • CISSP or CEH certified (nice to have)

 If interested, please contact catherine@3pandt.com