Job Closed
This listing is no longer active.
BlackLine is a leading global provider of cloud software that controls and automates accounting and finance processes for businesses and organizations of all si
Senior Information Security Engineer
Location
India
Posted
57 days ago
Salary
0
Seniority
Senior
Job Description
Senior Information Security Engineer
BlackLine
Get to Know Us: It's fun to work in a company where people truly believe in what they're doing! At BlackLine, we're committed to bringing passion and customer focus to the business of enterprise applications. Since being founded in 2001, BlackLine has become a leading provider of cloud software that automates and controls the entire financial close process. Our vision is to modernize the finance and accounting function to enable greater operational effectiveness and agility, and we are committed to delivering innovative solutions and services to empower accounting and finance leaders around the world to achieve Modern Finance. Being a best-in-class SaaS Company, we understand that bringing in new ideas and innovative technology is mission critical. At BlackLine we are always working with new, cutting edge technology that encourages our teams to learn something new and expand their creativity and technical skillset that will accelerate their careers. Work, Play and Grow at BlackLine! Make Your Mark: Reporting to the Senior Director of Information Security, the Sr. Information Security Engineer will play a lead role in executing security strategy and consulting on best-in-class security architecture and security posture for BlackLine. In this role you will provide on-call duties, manage/triage ticket queues, review access requests, review architecture, implement security solutions, collaborate with cross-functional teams, perform vulnerability management functions, and execute the evolution of Blackline's Enterprise Information Security components. You'll Get To: - Participate in a 'follow-the-sun' on-call schedule, acting as the primary responder during the India shift to monitor, triage, and manage the security alerts queue. - Bridge the gap between research and remediation by developing manual runbooks (SOPs) and automated playbooks needed to handle threats and eliminate noise. - Establish the operational scope and testing boundaries for security assessments and penetration tests, focusing on targeted risk discovery and impact. - Apply a research-first mindset to incident response, demonstrating the critical thinking needed to independently triage threats and figure out new tools across a varied security landscape. - Operationalize security infrastructure through Terraform, with the foundational knowledge to independently research and implement automation across various providers and platforms. - Manage the operation of key security technologies, including Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), and Web Application Firewalls (WAF). - Leverage AI and LLMs to accelerate security analysis, automate repetitive tasks, and drive operational efficiency across the security stack. - Flex into evolving security initiatives and technical projects as they arise, taking ownership of tasks that fall beyond the initial scope of this role. - Define effective information security standards applicable to specific environments. - Create and maintain operational reports and security metrics, translating raw data into the technical insights required for data-driven decision-making. - Serve as a technical leader and mentor, providing guidance to junior engineers and collaborating with cross-functional teams on security best practices. What You'll Bring: - 5+ years of hands-on information security experience, including 1 year of experience managing Web Application Firewalls (WAF). - Practical experience with cloud security platforms like SCCE, AWS Security Hub, or Azure Security Center, and the technical "scrappiness" to research and utilize new security services across a multi-cloud environment. - Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions. - Highly autonomous and productive in performing activities, requiring minimal direction from management. - Proven ability to leverage scripting languages, such as Python, Bash, and PowerShell, to interface with applications and/or available APIs. - Expertise in Windows and with a working knowledge of Linux/Unix (advanced Linux skills are a big plus). - Working knowledge of network security-through understanding of the OSI model and comprehensive knowledge of common protocols and services for levels 3 through 7. - Advanced written and verbal communication skills including the ability to present technical subjects to non-technical audiences. - Maintain technical depth in common vulnerabilities and exploitation techniques to independently research, triage, and remediate complex security findings. We're Even More Excited If You Have: - Experience in securing Kubernetes and containers. - Hands-on experience with securing AI systems and LLMs. - Working knowledge of WMI and WSH in a modern security context. - Utilize outside the box thinking to define new and improved solutions or optimize current processes and tools. Thrive at BlackLine Because You Are Joining: - A technology-based company with a sense of adventure and a vision for the future. Every door at BlackLine is open. Just bring your brains, your problem-solving skills, and be part of a winning team at the world's most trusted name in Finance Automation! - A culture that is kind, open, and accepting. It's a place where people can embrace what makes them unique, and the mix of cultural backgrounds and varying interests cultivates diverse thought and perspectives. - A culture where BlackLiner's continued growth and learning is empowered. BlackLine offers a wide variety of professional development seminars and inclusive affinity groups to celebrate and support our diversity. BlackLine is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity or expression, race, ethnicity, age, religious creed, national origin, physical or mental disability, ancestry, color, marital status, sexual orientation, military or veteran status, status as a victim of domestic violence, sexual assault or stalking, medical condition, genetic information, or any other protected class or category recognized by applicable equal employment opportunity or other similar laws. BlackLine recognizes that the ways we work and the workplace itself have shifted. We innovate in a workplace that optimizes a combination of virtual and in-person interactions to maximize collaboration and nurture our culture. Candidates who live within a reasonable commute to one of our offices will work in the office at least 2 days a week.
Benefits
- 401(K), 401(K) matching, Childcare benefits, Commuter benefits, Company equity, Company-sponsored outings, Customized development tracks, Dedicated diversity and inclusion staff, Dental insurance, Disability insurance, Documented equal pay policy, Volunteer in local community, Employee stock purchase plan, Family medical leave, Fitness stipend, Flexible Spending Account (FSA), Flexible work schedule, Generous parental leave, Generous PTO, Company-sponsored happy hours, Health insurance, Highly diverse management team, Job training & conferences, Open door policy, Life insurance, Charitable contribution matching, Paid volunteer time, Online course subscriptions available, Open office floor plan, Paid holidays, Pair programming, Paid sick days, Onsite office parking, Partners with nonprofits, Performance bonus, Pet insurance, Promote from within, Lunch and learns, Remote work program, Free snacks and drinks, Team based strategic planning, OKR operational model, Team workouts, Continuing education available during work hours, Tuition reimbursement, Mandated unconscious bias training, Unlimited vacation policy, Vision insurance, Wellness programs, Some meals provided, Mental health benefits, Home-office stipend for remote employees, Diversity employee resource groups, Hiring practices that promote diversity, Employee resource groups, Employee-led culture committees, Quarterly engagement surveys, Hybrid work model, Employee awards, Pay transparency, Mother's room, Flexible time off, Floating holidays, Bereavement leave benefits
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description Als Produktmanager übernimmst du eine zentrale Rolle: Du entwickelst unsere bestehenden Lösungen weiter, konzipierst neue Produkte und stellst sicher, dass unsere Standards auch künftig praxisnah, wirtschaftlich und wirksam bleiben. Deine Arbeit trägt direkt dazu bei, die Resilienz tausender mittelständischer Unternehmen zu stärken. - Verantwortung für den Produktlebenszyklus unserer ITQ-Produkte (Konzeption, Weiterentwicklung, Betrieb und Ablösung) inkl. Entwicklung von Produktvision und Roadmap - Fachliche Weiterentwicklung unserer Audits, Checklisten und der SaaS-basierten ISMS-Lösung unter Berücksichtigung von Kundennutzen, Wirtschaftlichkeit und strategischer Relevanz - Sicherstellung von Qualität und Konsistenz unserer Auditlogiken, Bewertungsmodelle und Berichte sowie kontinuierliche Verbesserung der Produkte - Weiterentwicklung praxisnaher Prüfmodelle im Spannungsfeld zwischen regulatorischen Anforderungen (z. B. ISO 27001, NIS2, BSI IT-Grundschutz) und KMU-Realität - Bewertung regulatorischer Entwicklungen und Übersetzung in umsetzbare, wirtschaftliche Produktanforderungen - Enge Zusammenarbeit mit Partnern, Auditoren und internen Teams sowie systematische Auswertung von Feedback aus Audits, Projekten und Schulungen - Koordination zwischen Geschäftsführung, Entwicklung und externen Stakeholdern inkl. Priorisierung und Übersetzung fachlicher Anforderungen - Unterstützung von Vertrieb und Partnermanagement sowie Durchführung von Schulungen (online & vor Ort) - Lead Auditor: Übernahme der Auditverantwortung und Weiterentwicklung der Auditmethodik Qualifications - Studium im Bereich Informatik/Wirtschaftsinformatik oder vergleichbar sowie mehrjährige Erfahrung im Produktmanagement, idealerweise im IT-, Audit-, Compliance- oder IT-Dienstleistungsumfeld - Fundiertes Verständnis von Informationssicherheit (z. B. ISO 27001, NIS2, BSI IT-Grundschutz) sowie Erfahrung mit Audit-Tools, ISMS-Software oder Compliance-Strukturen - Kenntnisse im KMU-Umfeld sowie idealerweise Erfahrung im Systemhaus-, MSP- oder IT-Beratungsumfeld und mit Partnermodellen - Strukturierte, analytische und pragmatische Herangehensweise mit klarer Priorisierung und Entscheidungsstärke - Fähigkeit, komplexe regulatorische Anforderungen in praxisnahe, skalierbare und wirtschaftliche Lösungen zu übersetzen - Kommunikationsstärke auf Augenhöhe, hohe Eigenverantwortung sowie sicheres Agieren zwischen unterschiedlichen Stakeholdern Requirements - Gleitzeit mit flexiblen Arbeitszeiten - Flexibler Arbeitsort (Remote oder optional im Office in Babenhausen) - Moderne technische Ausstattung - Kleines, schlagkräftiges Team mit kurzen Entscheidungswegen - Hoher Gestaltungsspielraum und echte Produktverantwortung - Direkter Einfluss auf die Informationssicherheit im deutschen Mittelstand - Regelmäßige Team-Events und jährliche Workation - Kontinuierliche Weiterbildungsmöglichkeiten - 30 Tage Urlaub Benefits - Wir bieten dir...
• Partner with Affirm product teams to ensure that security is included in every phase of the product development lifecycle. • Conduct threat modeling and architecture reviews to ensure threats are understood, documented, and mitigated. • Review and analyze product source code to identify security vulnerabilities and provide recommendations for secure implementation. • Seek out opportunities to automate processes when appropriate. • Identify emerging classes of vulnerabilities and developing solutions for them before they’re a problem. • Assist product teams in the development of security focused test cases to enforce security requirements. • Advise product teams on business security requirements early in the product development lifecycle. • Decompose large, cross-team projects into individual tasks. Manage scope across teams and drive toward project closure.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm values information security as a critical part of the company’s continued success. Our mission is to make information security programmatic and cultural in Affirm, enabling the company to succeed in building honest financial products. The Security team posture increases security and reduces risk while securely enabling access to information for those who need it! The Staff Product Security Engineer candidate will have experience building and architecting software as part of a larger team. The ideal candidate will work effectively with product and engineering teams to evaluate and influence product requirements, design, and implementation to improve the security of Affirm’s products. What You'll Do - Partner with Affirm product teams to ensure that security is included in every phase of the product development lifecycle. - Conduct threat modeling and architecture reviews to ensure threats are understood, documented, and mitigated. - Review and analyze product source code to identify security vulnerabilities and provide recommendations for secure implementation. - Seek out opportunities to automate processes when appropriate. - Identify emerging classes of vulnerabilities and developing solutions for them before they’re a problem. - Assist product teams in the development of security focused test cases to enforce security requirements. - Advise product teams on business security requirements early in the product development lifecycle. - Decompose large, cross-team projects into individual tasks. Manage scope across teams and drive toward project closure. What We Look For - Deep understanding of web application architecture and design principles - Experience using modern software development and delivery techniques to develop cloud-based services. Python, Kotlin, Java, AWS, and Azure experience preferred. - Knowledge of common security flaws and resolution as published by OWASP, SANS, etc. - Experience with PCI or other regulated environments. - Experience conducting threat models for complex, distributed products using standard threat modeling techniques and methodologies. - Experience with standard authentication mechanisms, including SAML and OAuth2. - Understanding of continuous integration / continuous deployment processes and tools. - BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus. Location - Remote Canada Pay Grade - P Equity Grade - 7 Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills. Base pay is part of a total compensation package that may include monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents). In addition, the employees may be eligible for equity rewards offered by Affirm Holdings, Inc. (parent company). Base pay range per year: $178,000 - 228,000 CAD This posting is for an existing vacancy. #LI-Remote Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities. We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include: - Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents - Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses - Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge - ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process. [For U.S. positions that could be performed in Los Angeles or San Francisco] Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affirm will consider for employment qualified applicants with arrest and conviction records. By clicking "Submit Application," you acknowledge that you have read Affirm's Global Candidate Privacy Notice and hereby freely and unambiguously give informed consent to the collection, processing, use, and storage of your personal information as described therein.
• Provide influence and leadership over Samsara’s Enterprise Security roadmap and priorities, helping to balance both near-term and long-term business impact with technical considerations • Write clear, concise documentation and runbooks for enterprise security workflows • Collaborate with partners across Engineering, IT, and Security to ensure proper implementation of security tools and policies • Occasionally assist the Security Operations team during security investigations, acting as a technical subject matter expert within your domain • Partner with engineering teams to triage and support remediation of vulnerabilities and misconfigurations in systems and applications • Mentor engineers in the Security team to grow their domain knowledge, tool-specific skills, and communication abilities • Champion, role model, and embed Samsara’s cultural principles as we scale globally and across new offices
