- Centregreen Way, Cary, NC 27513, USA
We’re Onna: a fast-growing tech startup based in New York and Barcelona with offices in Research Triangle Park and Tolouse. Our international team is composed of fun, experienced, and hard-working individuals on a mission to make information easily accessible and useful, no matter where it lives. We build e-discovery, knowledge management, and other data search tools for our clients (Facebook, Electronic Arts, Dropbox, and Fitbit, to name a few.) In May 2019 we closed an $11M Series A led by Dawn Capital with the participation of our integration partners Slack Fund and Dropbox - and we’re focused on building an amazing team to deliver the best product possible.
Are you an enthusiastic multi-tasker who feels comfortable in a challenging, fast-growing environment? Would you like to be part of a flat organization with an amazing culture? As a Security Engineer, you will be participating in the research, development and implementation of technical security programs and solutions necessary to us and our clients. Your role will have a vast variety of duties including conducting risk assessments, drafting of policies, implementing external solutions, responding to client security questionnaires, participating in security audits, compliance and any other security related tasks.
What you get to do every day
Development and implementation of security related policies and procedures
Selection and evaluation of security solutions
Conduct regular internal reviews and audits
Design and implementation of controls that mitigate identified risks and compliance goals
incident response plan, including development, implementation and annual test exercises
Development of security training and awareness program
Coordinating with third party vendors to implement regular pentesting and vulnerability management
Participate in the implementation and development of SIEM monitoring, IDS/IPS and logging tools
Work with SOC2 and ISO auditors to complete annual security audits and maintain certifications
Apply security engineering best practices according to well known industry standards (NIST 800, SANS…)
Communicate with current and prospective clients to address security related concerns or solutions.
Constantly work on growing your knowledge on relevant topics, product, solutions and best practices.
Bachelor’s degree in computer science, information systems or similar
Demonstrated expertise in providing security-focused solutions for the enterprise
Active CISSP certification
Experience with SOC2 Type II and ISO 27001 certification audit processes
Strong understanding of security compliance and privacy regulations (GDPR, PCI…)
Strong analytical skills
English fluency, both written and verbally, is a must
Good communication and attitude
Strong client facing skills and ability to address audiences of varying technical levels
Ability to multitask and handle multiple projects
Attention to detail and accuracy
Ability to collaborate in a team environment across multiple time zones
More than 5 years of experience in security, compliance, risk management, technical security implementations
Other industry accepted certifications (SANS, CISA, CISM…)
Ability to quickly learn new technologies
A self-starter comfortable working independently with minimal supervision
Able to take ownership of projects and propose innovative solutions to maximize productivity
We like to keep employees happy and are always looking for ways to improve our overall work culture and benefits package. Here are some of the benefits we offer at this time:
- Comprehensive medical, vision, and dental coverage
- 401(k) with matching contribution
- Flexible vacation and PTO policies
- Monthly gym membership
- Commuter perks
- Monthly group activities
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
All your information will be kept confidential according to EEO guidelines.