Security Engineer

Any US or Canada - remote /
Engineering – Security /
Full-time
About Us

Coalition’s Insurance and Cybersecurity offerings come together to provide a comprehensive shield from cyber risk. We believe the task of locking down every system and keeping up with every vulnerability is challenging and while being proactive is important, it’s not enough because breaches and other compromises happen, even to the vigilant.

While we proactively help our customers understand active risks and shut them down, when all else fails, we are there for them financially and with services to help mitigate damage and come back stronger after an incident.

Help us protect the world against cyber risk and give business owners a trusted support system and fighting chance.

We have over 25,000 customers, ranging from small and mid-sized businesses to Fortune 500 companies. Founded in 2017, Coalition has raised $125M from a number of top tier global investment firms including Ribbit Capital, Greenoaks Capital, Valor Equity Partners, Felicis Ventures, and Vy Capital.  Headquartered in San Francisco, Coalition’s team is distributed across more than 15 locations globally, including Austin, Washington DC, Denver, Canada and Portugal.

Coalition Engineering

Our culture is one of character, humility, responsibility, purpose, authenticity, and no a-holes. We are growing rapidly and that growth is enabled by strong teamwork, communication, and mentorship. We want people who are passionate about becoming experts in both the business and the technologies that support it.
Our core platform is written mostly in Python with some services in Java and Go. We prefer to use the right tool for the job and make pragmatic decisions about how to scale and de-couple systems as we continue to grow. We’re looking for someone who can navigate a cloud environment (AWS) with many moving pieces and systems to help the team understand how they fit into the broader puzzle.

About The Role

The Coalition Security team is comprised of bright minds across many cybersecurity domains, with expertise in Red Teaming, Threat Intelligence, Cyber Risk Management, and Defensive Security Controls. In the Security Engineering role your mandate is to protect our customers from loss.  As a part of this mandate you might find yourself analyzing data breaches and claims events, conducting client security gap analysis, assisting with penetration testing / red-team assessments, or otherwise working across our client base on topics ranging from security architecture and cloud security, to data protection and compliance.  
You will also have an opportunity to work with our product team to codify security best practices into our underwriting algorithms, rating models, and risk management apps.

Responsibilities

    • Review and analyze the security posture of insureds or potential insureds quickly and efficiently.
    • Evaluate customer security programs, technologies, controls, and business environments; recommend and develop enhancements
    • Triage security incidents and claims, understand the root cause, and develop detection tradecraft from threat intelligence.
    • Build security automation tooling to rapidly integrate optimizations into our underwriting system.
    • Assist with developing Information Security Plans and Policies, including those for Incident Response, customized to customer requirements and risk profile.
    • Provide recommendations on solutions to help customers manage information security risk.
    • Track emerging security practices and contribute to building internal processes, and our various products.
    • Stay abreast of the current regulatory environment, industry trends and related implications.

Requirements

    • Bachelor’s Degree in Computer Science, Information Security, Engineering or equivalent work experience.
    • Minimum of 2-4 years of security analysis or penetration testing experience.
    • Demonstrated expert understanding of the life cycle of network threats, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures. 
    • Knowledge of TCP/IP Protocols, network analysis and network/security applications, including log and network traffic capture analysis.
    • Experience with Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, Meterpreter, or other offensive tools.
    • Knowledge of industry standard frameworks – NIST, ISO, HIPAA, PCI.
    • Self-motivated; entrepreneurial spirit; comfortable working in a fast-paced, dynamic environment.
    • Strong interpersonal communication skills (verbal & written).
    • Aptitude to learn technical concepts/terms, and ability to manage multiple tasks/projects simultaneously.

Bonus Points

    • Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.). Experience with system hardening procedures for Windows, Linux, Unix is helpful. 
    • Knowledge or experience with EnCase, FTK, SIFT, Volatility, Splunk, Graylog, ELK/Logstash, WireShark, Zeek, or other open source forensic/log analysis/network analysis tools.
    • Knowledge of programming and scripting for development of security tools and industry frameworks is helpful.
    • SCADA / Control systems network experience a plus.

Perks

    • Enjoy a highly fulfilling, mission-driven culture
    • Health, dental, and vision benefits for you and your family
    • Life insurance and disability benefits
    • Paid Parental Leave
    • 401(k) plan
    • Wellness and commuter benefits
    • Flexible working hours
    • Open vacation days
    • We embrace distributed work; some benefits will vary by location
    • You are an owner! We offer stock options to each of our employees 
    • More details at https://www.coalitioninc.com/careers
Why Coalition?
 
We are all here to build something we believe in and to make a company that will last. We’re also assembling a team of expert incident responders, threat and malware researchers, and security analysts to protect our customers before, during, and after a cyber incident. Our goal is to harness the power of technology with the safety of insurance, to provide the first holistic solution to cyber risk. Coalition's culture is one that strongly values humility, authenticity, and diversity. We want to work with people of different backgrounds and different paths in life, and we trust our team members to take responsibility, share ownership and work for one another. We are always looking for collaborative, inquisitive and dedicated individuals to join our team.
 
Recent press releases: 
https://news.crunchbase.com/news/coalition-secures-90m-series-c-at-890m-valuation-to-grow-cyber-insurance-platform/
https://www.forbes.com/sites/amyfeldman/2020/05/28/next-billion-dollar-startups-2020/
 
Coalition is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.