Security Engineer I

Why TrueAccord? TrueAccord, a wholly owned subsidiary of TrueML, is a category-defining company. We combine machine learning with a human-based approach to transform debt resolution and to get people on the path towards financial health. Every year, more than 70 million Americans have negative experiences dealing with debt. We are changing this by providing personalized digital experiences that guide lenders and consumers through this challenging financial process. With a world-class leadership team, passionate team members, and proprietary predictive models trained on years worth of transactional data, TrueAccord is well-positioned to deliver on a huge opportunity: helping millions of consumers to regain and keep their financial footing while lowering the cost of doing business for creditors across many industries. TrueML InfoSec team is responsible for keeping our systems secure and compliant. In this role, you will work across several internal departments (Engineering, QA, DevOps, IT, Legal, Compliance) as well as with our security partners (auditors, security management platform providers) and clients to systematically identify and address information security issues. The work will include security gap analysis, advising product engineers on best practices, and helping implement and validate relevant solutions. Work-Life Benefits Unlimited PTO Medical benefit contributions in congruence with local laws and type of employment agreement What You'll Do: Hardening of cloud based infrastructure. Create/maintain Vulnerability Management program (detection, analysis, reporting, remediation assistance). Building and updating network and system diagramsSecure programming in a CI/CD environment. Implementation of security controls (Firewalls, AWS Security Groups, Two Factor Authentication, anti-virus, anti-phishing, DDOS mitigation). Conduct regular security related assessments (vulnerability scans, penetration tests) to maintain company's compliance status. Designing and tracking security metricsAssist in gathering evidence for security audits and compliance reviews (e.g., PCI, ISO 27001). Utilizing Gen Ai to perform analysis on malware, threat intelligence and security logs. Assist in the day-to-day operation and monitoring of security tools, including Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and firewalls. Assist with initial incident response activities, including gathering evidence, documenting steps, and helping to contain and eradicate threats. Help maintain and update security documentation, including procedures, runbooks, and configuration guides. Job Requirements/Qualifications: Passionate about knowing the latest on trends and issues in the security industry, including new technologies. B.S. in Computer Science or equivalent experience. 3+ years of experience in information security. 2+ years of experience working with Amazon Web Services. Advanced technical knowledge of infrastructure, applications, and cloud security. Experience running OWASP Top Ten assessments and analysis. Excellent written and verbal communication skills. Advanced knowledge of information security standards, rules and regulations related to information security and data confidentiality. Excellent problem solving skills. What Will Make You Stand Out (Nice to Have's): Scripting knowledge in Python or another language. Knowledge of security frameworks and certifications (AWS Security, Security +, SSCP). Relevant Information Security certifications. $22,849 - $32,750 a year We are a dynamic group of people who are subject matter experts with a passion for change. Our teams are crafting solutions to big problems every day. If you're looking for an opportunity to do impactful work, join TrueML and make a difference. Our Dedication to Diversity & Inclusion TrueML and TrueAccord are equal-opportunity employers. We promote, value, and thrive with a diverse & inclusive team. Different perspectives contribute to better solutions and this makes us stronger every day. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. #J-18808-Ljbffr