Application Security Director

Posted 22 Hours Ago
Hiring Remotely in Spokane, WA
Remote
Hybrid
Senior level
eCommerce • Legal Tech • Professional Services • Software • Data Privacy
Fighting hubris, mission statement hypocrisy, and a tendency to overcomplicate things. We try to do good work each day.
The Role
The Application Security Director will lead the security team, develop comprehensive security strategies, and ensure compliance with regulations. Responsibilities include educating staff on security, solving problems proactively, leveraging automation, and improving security processes. A hands-on leader with coding ability in Ruby is essential, alongside experience in Linux and cloud security.
Summary Generated by Built In

Overview:
Two Barrels is hiring an Application Security Director to build, lead and develop our Security team. You will be a traditional company employee. This is a full-time 40 hours/week position with company benefits.
As a "Director," you will be responsible for overseeing security as well as actually doing the work of a security engineer as we grow this team. Ultimately, if you are solely looking for the prestige of being a "Director," this probably isn't the right place for you. We are not looking for a figurehead to fill this seat; we want someone who is going to get their hands dirty and do the work. But because your title will be "Application Security Director," you will need to be able to push and grow the team. You have been there and done that in the security world, so help some people out!
You like being hands-on and doing the actual work, but you also like the tactical part of this and looking at things from a higher level. You are a professional and don't laugh at job titles like "Penetration Tester" even though it's funny. More importantly, you know what someone in that role is doing, and you can do some of it yourself if not all of it. Your role is technical, but you're also a leader, so you're a technical leader. We have Operations Managers who aren't technical, so we need you to be technical... so you're a technical leader of technical people who do technical things.
This is a remote or work-wherever-you-want position. Of course, we'd prefer you be around Spokane, Salt Lake, or Austin to have a hub based out of one of our three main offices, but we're open to good talent anywhere in the US.
Location:
Remote | Spokane - Austin - SLC
Duration:
Full Time
Wage:
Up to $200,000/year
Responsibilities:

  • Solve problems, don't just bring them to our attention
  • Find open source solutions; we like to build things, not buy things
  • Create cutting-edge processes that will leverage automation to improve our resiliency and position ourselves better to respond to security events
  • Develop and implement a comprehensive security strategy that aligns with our business objectives and priorities
  • Drive education initiatives company-wide to create security-minded employees
  • Lead security initiatives and ensure compliance with applicable regulatory requirements, such as HIPAA, PCI, and GDPR
  • Stay up to date on the newest security technologies and methodologies
  • Provide development and feedback to team members
  • Responsible for team growth


Minimum Qualifications:

  • Be a good human
  • Ability to code and work with Software Engineers (Ruby is ideal, but general software coding is required)
  • Have a build versus buy mentality
  • 5+ years of experience in Computer Science or a related field required with at least 2 of those years in Security
  • 2+ years in a technical leadership role
  • Experience with building, managing and developing a team
  • Experience with Linux and the ability to secure Linux-based systems
  • Working knowledge of the Ruby on Rails framework, including its security features and vulnerabilities
  • Able to identify the problem, not just the symptoms
  • Ability to take a holistic approach to security, identifying vulnerabilities and risks across the entire system, including areas that individual teams or departments may overlook or not be aware of
  • Comfortable working in an ambiguous environment
  • Solid understanding of AWS infrastructure, including security features, compliance requirements, and best practices for securing cloud environments
  • Basic understanding of Kubernetes architecture, its security features, and how to secure Kubernetes clusters
  • Open source solutions are your go-to


Preferred Qualifications:

  • Experience in leading security incident response efforts
  • You have grown a security group from the ground up
  • You're a nice person
  • You thrive on the chaos of a place that is always coming out with great ideas


Why you might like this job:
You think like a hacker and know what they're going to do, but you are one of the good guys and want to use your security powers for good, not evil. You recognize real security risks and pride yourself on identifying the problem and not just the symptoms of the problem. You want to educate people, including developers and customer service reps, about how to avoid security problems.
We're family owned and provide a secure platform for our clients to do good work, and we want to keep it that way. Privacy, security, and ease of mind for our people; let's keep that going. We have a lot of good people here who want to see that continue, and you want to push it farther down that road.
Benefits:

  • Great Wage & Success Meetings with your manager
  • Work From Home comfort package & company provided equipment
  • 22 days paid time off annually, PLUS 4 paid holidays
  • 4% 401k employer matching through Fidelity
  • 100% employer-paid medical, dental and vision for employees
  • Maternity and Paternity Leave
  • Flexible hours
  • Coffee shop next door
  • Crappy parking? Oh, I mean a cool downtown location for easy public transportation options...

Top Skills

Ruby

The Company
HQ: Spokane, WA
950 Employees
Hybrid Workplace
Year Founded: 2010

What We Do

Two Barrels is a Professional Services as a Product Company. (A PSAAP - Duh!) We run our company via product life cycles. We use tech to make amazing products and invest heavily in humans to help our clients with their business services needs.

Two Barrels is family-owned and operated, employs over 650 good humans across the nation, and services over 3 million active businesses nationwide. As we've grown, we've maintained a 95% employee retention rate. We have no debt, no investors, no venture capital, and no private equity.

What does it mean to be family-owned and operated?

Well, it's not perfect. But growth, profits, KPIs, endless investor meetings, warrants, options pools, vesting, or manipulating employees to be indentured servants in exchange for paper shares that won't make you rich, aren't things we have to deal with here.

We try to do good work and see where it goes. That's our actual mission statement. We try to make our customers and our employees happy. We get to focus on that versus making investors happy. We are well aware of competing with startups, and VC and PE-funded, or worse yet, public companies' total compensation packages, so we bring it up. We are different. Our packages include an excellent salary and 401K to buy stock wherever you want. We try to make our overall benefits better each year as we grow. We offer tough challenges—focusing on the journey as the reward, not the finish line. We try to hire people we enjoy being around.

We're not a platform or an AI cool guy place. We're not software as a service/whatever is the cool thing that gives investors a reason to ask for a higher multiple on their next round of stock dilution. Whoops, I mean, investment for the future.

We make business entity compliance tools. We power over 50,000 Professional Services that do registered agent service, corporate filings, VoIP phones, credit card processing, and various tech products. Here are a few examples of industry leaders riding on our backbone:

https://www.northwestregisteredagent.com/service-signup
https://www.registeredagentsinc.com/solutions/

We made a CRM system but focused on a whole stack of solutions for our business services customers, and now we're pretty busy and could use your help. Thanks for looking!

Why Work With Us

A mid-sized company servicing millions of clients, employing hundreds, but being family owned and operated with no debt, investors, VC, or PE in the tech space is unique. We offer stability, flexibility, and an opportunity to make a high impact almost immediately. We don't sell data to third parties. We're extremely open source and privacy focused.


Two Barrels LLC Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

As a hybrid employer we have full-time remote employees and employees that live near our offices who have the option to work in-office or from home. There are just a few, select roles that specify and require some in-office time.

Typical time on-site: Flexible
HQ: Spokane, WA
Austin, TX
West Jordan, UT
