CARET brings the latest in technology and automation to over 10,000 legal and accounting firms, empowering highly skilled professionals to refocus their expertise on what truly matters. CARET harnesses powerful and secure practice management, document automation, and payment processing to take firms, professionals, and their clients further.
Our team-defined values guide how we show up for each other, for our partners, and for our customers:
We succeed together We embrace progress We care big We create space To join our remote-first, engage from anywhere team, visit
The Senior Security Engineer should have a strong and demonstrated aptitude for Cyber Security with experience in Cloud Security (CloudSec), Vulnerability Management & Response (VMR), and Compliance audits (SOC2, PCI DSS, ISO 27001). Your experience should be supported by extensive and diverse experience in leading high-profile technical programs and projects. Your capability to review and advise on Security matters should span into the domain knowledge of Systems Engineering, Network Operations, and Application Development.
Responsibilities:
Design, implement, manage, and automate robust cybersecurity solutions to safeguard our networks, systems, and applications. Conduct thorough security assessments and risk analysis to identify vulnerabilities and recommend appropriate measures for mitigation. Collaborate with cross-functional teams to integrate security best practices into the development lifecycle of applications and infrastructure. Monitor and respond to security incidents, conduct incident investigations, and implement incident response strategies. Stay abreast of emerging threats and vulnerabilities, and proactively implement measures to counteract potential risks. Develop and deliver cybersecurity training programs to educate staff on security best practices and promote a security-conscious culture. Evaluate and recommend new technologies, tools, and methodologies to enhance our cybersecurity posture. Conduct regular security audits and assessments to ensure compliance with industry standards and regulatory requirements. Provide expertise and guidance on security-related matters to internal stakeholders and leadership. Requirements
Requirement Skills / Abilities:
Minimum 5+ years of continuous experience in Cyber Security including Engineering, Operations, and/or Compliance Deep technical knowledge of Cyber Security, DevOps, and InfraOps is preferred Security Architecture principles (Defense-in-Depth, Least Privilege, Zero Trust, etc.) Hybrid Environments (Azure, On-Prem Networks, Containers, Endpoints, etc.) Security Program Phases (Risk Assessment, Architecture and Design, Implementation, Operations and Monitoring) Strong organization and leadership skills with the ability to facilitate technical sessions and capable of communicating complex technical information to a non-technical audience Certification in at least one of the following OSCP, CCSA, CISA, or CISSP Knowledge of NIST, CIS Top 18, and other applicable Security Industry Standards and Best Practices Scripting and Automation (Python, PowerShell, API) Experience with Microsoft Defender, Rapid7, CoalFire, and Trivy are positives Benefits
Flexible PTO Summer Fridays No meeting Fridays Medical, Dental, Paid Sick Days, Vision, and Supplemental Coverage Flexible Spending Account Health Savings Account 401(k) match