Security Engineer

Posted 3 Days Ago
Hiring Remotely in Salt Lake City, UT
Remote
Hybrid
Junior
eCommerce • Legal Tech • Professional Services • Software • Data Privacy
Fighting hubris, mission statement hypocrisy, and a tendency to overcomplicate things. We try to do good work each day.
The Role
As a Security Engineer at Two Barrels, you will focus on identifying vulnerabilities in the company's systems through penetration testing and automated tasks. You will create security reports, communicate with stakeholders, and continuously enhance security practices while staying updated on exploits.
Summary Generated by Built In

Overview:
Two Barrels is hiring a Security Engineer for $175,000/year. You will be a traditional company employee. This is a full time 40 hour/week position with company benefits. This is a remote position. Our main office is in Spokane WA, and we have satellite offices in Austin TX and Salt Lake City UT.
We are expanding our team to include a Security Engineer to be 100% focused on our security efforts. As the right candidate, you will have experience working in-house as a full-time penetration tester, a regular 3rd party bug bounty program pen tester, or in a similar security type role. Your job will be to identify our vulnerabilities to help keep our information safe and secure.
Location:
Remote | Spokane - Austin - SLC |
Duration:
Full Time
Wage:
$175,000/year
Responsibilities:

  • Understand and safely use various open source penetration testing tools and when appropriate, emulating hacker tactics, techniques, procedures
  • Create security vulnerability reports for both technical and executive audiences
  • While in-between assessments, you will be expected to help our security engineers think through solutions to problems you find
  • Automate tasks and script at a basic level to enhance penetration testing processes
  • Passion for learning new technologies and processes, and contributing to refining existing capabilities
  • Communicate with stakeholders (technical and non-technical), both verbal and written
  • Stay up to date on 0 day exploits for tech stacks we use


Minimum Qualifications:

  • Solid fundamentals in webapp and network pentesting (2+ years). Pentesting experience in mobile apps, APIs, and/or cloud environments a bonus
  • Experience with Linux, cloud environment testing as well as Ruby and Python web frameworks
  • Understanding of security issues for desktop, virtual, cloud services and network infrastructures
  • Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Experience with secure network protocols and encryption of communications between networked hosts
  • Experience in IT systems and security policies, standards, industry trends, and techniques
  • Experience with assessing APT threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threat Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and/or verification of new APT TTPs
  • Fundamental understanding of security knowledge of testing mobile, native applications, web applications, distributed and database systems
  • Must be detail-oriented and possess strong problem-solving skills and ability to analyze for potential future issues
  • Solid understanding of common webapp vulnerabilities, exploitation techniques, and remediation options


Why you might like this job:
You've changed a price on a website you were checking out on to see if it worked. You've messed around where you shouldn't have and you've always thought it would be fun to do that full time in a way that didn't make you feel like an evil person or that karma would catch up to you. Maybe you've messed with folks in the past too much and want to earn some good karma points by helping us secure our high volume software and systems.
#BI-Remote
Benefits:

  • Great Wage & Success Meetings with your manager
  • Work From Home comfort package & company provided equipment
  • 22 days paid time off annually, PLUS 4 paid holidays
  • 4% 401k employer matching through Fidelity
  • 100% employer-paid medical, dental and vision for employees
  • Maternity and Paternity Leave
  • Flexible hours
  • Coffee shop next door
  • Crappy parking? Oh, I mean a cool downtown location for easy public transportation options...

Top Skills

Python
Ruby

What the Team is Saying

Jason
Joshua Stubb
Vanessa Sickles
Brad Armstrong
Josh Groeschl
Hank
The Company
HQ: Spokane, WA
950 Employees
Hybrid Workplace
Year Founded: 2010

What We Do

Two Barrels is a Professional Services as a Product Company. ( A PSAAP - Duh! ) We run our company via product life cycles. We use tech to make amazing products and invest heavily in humans to help our clients with their business services needs.

Two Barrels is family-owned and operated, employs over 650 good humans across the nation, and services over 3 million active businesses nationwide. As we've grown, we've maintained a 95% employee retention rate. We have no debt, no investors, no venture capital, and no private equity.

What does it mean to be family-owned and operated?

Well, it's not perfect. But growth, profits, KPIs, endless investor meetings, warrants, options pools, vesting, or manipulating employees to be indentured servants in exchange for paper shares that won't make you rich, aren't things we have to deal with here.

We try to do good work and see where it goes. That's our actual mission statement. We try to make our customers and our employees happy. We get to focus on that versus making investors happy. We are well aware of competing with startups, and VC and PE-funded, or worse yet, public companies' total compensation packages, so we bring it up. We are different. Our packages include an excellent salary and 401K to buy stock wherever you want. We try to make our overall benefits better each year as we grow. We offer tough challenges—focusing on the journey as the reward, not the finish line. We try to hire people we enjoy being around.

We're not a platform or an AI cool guy place. We're not software as a service/whatever is the cool thing that gives investors a reason to ask for a higher multiple on their next round of stock dilution. Whoops, I mean, investment for the future.

We make business entity compliance tools. We power over 50,000 Professional Services that do registered agent service, corporate filings, VoIP phones, credit card processing, and various tech products. Here's a few examples of industry leaders riding on our backbone:

https://www.northwestregisteredagent.com/service-signup
https://www.registeredagentsinc.com/solutions/

We made a CRM system but focused on a whole stack of solutions for our business services customers and now we're pretty busy and could use your help. Thanks for looking!

Why Work With Us

A mid sized company servicing millions of clients, employing hundreds, but being family owned and operated with no debt, investors, VC, or PE in the tech space is unique. We offer stability, flexibility, and an opportunity to make a high impact almost immediately. We don't sell data to third parties. We're extremely open source and privacy focused.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Two Barrels LLC Teams

Team
Product & Tech
About our Teams

Two Barrels LLC Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

As a hybrid employer we have full-time remote employees and employees that live near our offices who have the option to work in-office or from home. There are just a few, select roles that specify and require some in-office time.

Typical time on-site: Flexible
HQSpokane, WA
Austin, TX
West Jordan, UT
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account