Lead Information Security Engineer
jackpocket Remote, New York, NY or Santa Barbara, CA Full-time 2022-07-25
Jackpocket is the first mobile lottery app in the U.S. that offers players a secure way to order official state lottery tickets, such as Powerball, Mega Millions, and more, via their smartphones. We're creating a more convenient, fun, and responsible way to play the lottery by modernizing the $300B global lottery market with a mobile platform that everyone, including grandma, can feel good about.
As Jackpocket’s first Lead InfoSec Engineer, you will play a critical role in the continued development and improvement of Jackpocket’s information security program. You’ll work hands on to monitor systems and proactively assess vulnerabilities, lead remediation efforts, and continuously develop and document controls and protocols for the business as we continue rapid expansion. This is a full time role reporting to the Director of Information Security.
- Participate in day to day security monitoring across multiple security tools and systems
- Identify areas of needed improvement across multiple functional areas and work to align operational processes to security standards and industry best practices
- SME for all Information Security technologies
- Work to maintain ongoing PCI and SOC 2 compliance
- Proactively seek out and identify threats and vulnerabilities in the codebase and lead remediation efforts
- Lead process standardization and documentation for security controls across the organization
- Attend agile ceremonies to identify and assess risks and vulnerabilities
- Track and maintain all risk within the organization
- Key member on all security incident response
- Lead network security efforts and support infrastructure initiatives as needed
- 6+ years of InfoSec Engineering experience, preferably in a CI/CD environment
- Experience with SDLC and agile methodologies
- Functional knowledge of SQL, Python, or similar programming languages
- Experience with security tools such as Drata, Tenable, Datadog, Crowdstrike, etc.
- Experience with SIEM technologies
- Knowledge of PCI and SOC 2 compliance standards and ability to standardize and document proper controls
- CISSP and/or CEH certification preferred
- Experience with cloud environments (GCP, AWS, Azure) preferred
- Medical insurance covered up to 100% by Jackpocket
- Dental & vision insurance
- 401(k) matching
- Stock options
- Commuter benefits and Citi Bike membership
- Discounted gym membership
- Catered meals and stocked kitchen
- Flexible working hours
- Autonomy and upward mobility
This is a full-time exempt position and is not eligible for overtime under FLSA requirements. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Jackpocket is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request a reasonable accommodation, contact firstname.lastname@example.org.