Security Engineer

  • BHO Tech
  • San Francisco, CA, USA
  • Jun 07, 2024
Full time Engineering

Job Description

A million people a year die in car collisions around the world. That number should be zero. You can help us create a new InsurTech company that uses the latest technology and data science methods to save lives by preventing car collisions before they happen.

To this end, we are building a small team of elite developers, data scientists, and business people who truly care about making a difference in the world. If this all sounds like a match for you and what you're up to, please apply. We'd love to hear from you.

We're seeking an Information Security Engineer to help us achieve a world-class operational, infrastructure, application, and incident response posture to protect critical assets for the company and its customers. You have a broad understanding of the modern cyber security landscape, with a background in intelligence gathering, incident response, application security, and process documentation. Bonus points for Red Team experience. You will work with a team of accomplished Engineers and Data Scientists, and will be relied on as a technical contributor with a focus not only on engaging in the right activities, but achieving the right results.

Security Domains 
Your education, skills, and experience position you to provide immediate help in at least 2 of these 5 areas, with bonus points for more, and for experience in/ understanding of key subdomains

Risk Assessment 
Vulnerability scans 
Penetration tests (incl. social engineering) 
3rd Party (e.g., vendor) risk assessment 
Data-centric risk assessment

Threat Intelligence 
Online Threat Information Sources 
Indicators of Compromise

Security Operations 
Vulnerability Management 
Data Loss/Leakage Prevention 
Incident Response

Security Engineering 
Security Architecture 
Identity and Access Management 
Access Control, SSO 
Secure Software Development 

Cloud Security 
AWS Roles, Policies, Resources and Credentials 
User provisioning, SAML, OpenID Auth, etc.

Qualifications (The more of these you can legitimately claim the better) 
Bachelor’s degree (CS, EE, etc. preferred). 
Experience with SIEM technologies, and best practices for visibility into events. 
Malware detection, analysis, exploitation, containment, and eradication techniques. 
Skill in Penetration Testing, Vulnerability Management, Threat Vector Analysis, Intrusion Detection and Prevention, Incident Management and Response, Web Application Security, Risk Assessment and Mitigation Methodologies, and Counter Threat Operations. 
Experience monitoring and managing network and host-based intrusion prevention systems, malware prevention systems, vulnerability scanning solutions, DDOS protection, SIEM, host-based integrity checking, endpoint security and AV. 
OS X, Linux, Windows 
Proficiency in building and automating efficient and effective scripts from scratch with languages such as Python, Node.js, sh, Perl, etc. 
Knowledge of toolsets and frameworks like OSSEC, elasticsearch, ELK, OpenSOC, OpenIOC, etc. 
Experience applying knowledge of information security concepts and theories through technical and non-technical methods. 
Solid understanding of cyber security threats, risks, vulnerabilities, and attacks, giving insight into threat actor motives, capabilities, and techniques. 
Demonstrated ability to meet deliverables, timetables, and deadlines. 
Personal integrity and high ethical behavior at all times to inspire confidence in clients, peers, partners, and employees. 
Knowledge of current and emerging security and information technology standards and practices. 
Acquaintance with security compliance regimes: NIST, PCI-DSS, ISO 27000, CIS, etc.

We are an equal opportunity workplace and affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.


Cloud Computing, Cryptography, Penetration Testing, Security, SIEM, AWS, Vulnerability and Threat Management


$200K – $250K and higher (DOE)
No Equity

Visa Sponsorship


Best Regards,
Kris Young
Account Manager
BHO Tech
San Jose, San Francisco CA
Phone: 866 816-1615 x 823