Senior Security Engineer

New York, United States · Engineering


Our mission is to make communities more resilient. We do this by pairing external data with artificial intelligence to identify areas of high risk and prevent catastrophic loss for utilities across the country. We are a team of close-knit engineers, entrepreneurs, and data geeks who obsess over problem solving, new technologies, and making a positive impact in our communities.

We are seeking an experienced Security Engineer to take charge of the security of our applications, systems and organization.

You will have a passion for looking at security from a holistic perspective while also being able to communicate and apply specific changes to the various parts. You will be the first dedicated member of the security team and responsible for implementing and educating.

What You'll Do

  • Maintain and Expand Urbint’s Compliance Certifications - Urbint is currently working through SOC2 Type 1 compliance and will be looking to achieve Type 2 by the end of the year. There is a potential need for ISO 27001 compliance, and other requirements of doing business within the largely impactful utility industry are likely to arise.
  • Establishing and Responding to Automated Security Systems - maintain our existing antivirus and intrusion detection systems and respond to any of their alerts. Integrate QualysGuard into the automated monitoring toolset and identify and add other mechanisms for maintaining the security of our systems.
  • Integrate security practices into our SDLC - create practical mechanisms for ensuring security during our development and maintenance process and educate developers on security best practices.
  • Policy Evolution - current security practices within Urbint are managed by our Information Security Policy. You will be responsible for maintaining and evolving this policy as well as identifying any gaps.



  • 6+ years of experience applying security practices to software-as-a-service organizations
  • A deep understanding of compliance practices within SaaS software and regulated industries
  • Strong experience with:
    • Linux Servers
    • Virtualization & Containerization (Google Cloud, Kubernetes)
    • Database systems (Postgres)
    • System Security Deployments (Tripwire, ClamAV, IDS/IPS systems)
    • QualysGuard and/or Nexpose
  • Experience with SOC2, ISO 27001 and/or other strict, auditable compliance
  • Working knowledge of common best practice standards: SSAE 16, DoD 5220-22-M, NIST 800-88, OWASP Top 10, SANS Top 20
  • Strong written and verbal communication and organizational skills
  • Solid programming experience with Python and JavaScript is a huge bonus


What We Offer:

  • Mission Driven - Some companies use AI to serve better digital ads and trade stocks; we seek to make our communities more resilient.
  • Top Compensation - Competitive compensation package.
  • Best in Class Medical Coverage - 100% benefits and premiums paid.
  • Prime NoHo Location - Our office sits in the heart of NYC’s historic NoHo district and is just minutes away from the BDFM and 6 subway lines.
  • Health Perks - Gym reimbursement and Citi Bike membership.
  • Strong Culture - collaborative office focused on teamwork, humility, and hustle.
  • Catered lunch on Thursdays, plus a kitchen filled with snacks and drinks.

We're an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
