Senior Security & Compliance Engineer

Mobiquity - Gainesville, FL (30+ days ago)


Mobiquity is a digital engagement provider for more than 200 of the world’s leading brands. We are a collective of consultants, designers, developers, cloud advisors, and data scientists - spread across 3 continents and 9 offices - who create compelling digital experiences to help clients show they care to the people who matter most - their consumers, patients, and employees.

Reporting to the Director of Security Engineering, and working with other members of the security team, project delivery, Operations, and IT teams, this role is responsible for the overall quality and productivity of the security team.

Responsibilities include:

  • Ensure new projects are scoped, implemented and deployed in a secure manner;
  • Provide security expertise on customer project delivery teams throughout the Mobiquity Software Development Lifecycle (SDLC);
  • Maintain, apply, and enhance security architecture, development, testing, operations, and compliance standards throughout the organization;
  • Provide security and compliance subject matter expertise and consultation to internal Business Units and to Customers;
  • Coordinate with the IT, Operations, and Delivery teams to ensure adherence to strong SDLC tools and processes and training in secure coding and testing best practices;
  • Perform security/compliance internal audits on new projects;
  • Perform risk assessments on vendors, tools and processes;
  • Maintain and oversee execution of security policies;
  • Advise on strategy for new and existing compliance standards for Mobiquity and customers;
  • Consult with Labs team on projects and strategies related to research in security and compliance;
  • Support and lead internal security operations functions, including security awareness, vulnerability management, and incident response;
  • Consult with IT and Delivery teams on forensic analysis of breaches and exploits;
  • Maintain, apply, and enhance a set of materials for internal and external use related to Mobiquity security and compliance posture and on-going expertise;
  • Contribute to writing a periodic blog post and other market-facing content on topical security & compliance subjects;
  • Be prepared to participate as a member of the Mobiquity Corporate Security Team;
  • Represent Mobiquity with industry leaders, analysts and standards bodies in areas related to security and compliance;
  • Provide other security, compliance, and technical tasks as assigned by the Director of Security Engineering.

Desired Experience:

  • Knowledge of stack exploitation in C-based languages
  • Experience with mobile reverse engineering tools, e.g. Cycript, jadx, Hopper, etc.
  • Ability to understand, explain, and demonstrate various security vulnerabilities & risks including XSS, CSRF, Code Injection, MitM, Brute-force/Dictionary/Rainbow Table attacks
  • Programming experience in one or more languages (Python, JavaScript, Java, Objective-C or Swift preferred)
  • Experience supporting company-wide audits for regulations such as PCI or HIPAA, or other company certifications such as ISO 27001 or SOC 2
  • Experience defining and delivering security training to security professionals, engineers, and non-engineers
  • Demonstrable history of security-centric publications, conference presentations, blog posts, etc.
  • Experience with AWS technologies and recommended security best practices
  • Excellent oral, written, and interpersonal communication skills.
  • Experience explaining technical and security concepts to both technical and non-technical resources in a consultative role.

Recruiting Agencies: While we really do appreciate what you do, and how challenging it can be, don’t do it. Please do not send us unsolicited resumes, either to our employees, job listings, or recruiting team. (We call those “free leads”). Mobiquity is not responsible for any fees related to unsolicited resumes.

Mobiquity is an equal opportunity employer. We feel strongly that the best ideas come from all sorts of directions and sources, and cutting ourselves off from anyone due to our own biases is simply bad business, as well as bad citizenship.

Job Type: Full-time