Security Operations Engineer, ONE
$175-220k
Ethical personal finance platform
Open for applications
Ethical personal finance platform
501-1000 employees
Open for applications
$175-220k
501-1000 employees
Company mission
To help people live healthier financial lives.
Role
Who you are
- 5+ years working experience in Information Security, preferably with a focus on vulnerability management and security assessments, with experience in proactive security engineering
- Business acumen and ability to effectively communicate business risk from cybersecurity issues to audiences with varying levels of technical background
- Experience with at least one major cloud service provider: AWS, GCP, Azure
- Strong knowledge of: cloud computing, defense-in-depth strategies, secure design patterns for applications and platforms
- Deep understanding of security threat modeling, risk prioritization, and operational and technical security measures (including using industry frameworks, such as MITRE ATT&CK)
- Preferably, proficiency for automation and tool development purposes in TypeScript
- Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks in a fast-paced environment
What the job involves
- As a Security Operations Engineer, your mandate is to find and remediate weaknesses in ONE’s security posture
- This role will determine the current threat landscape and its applicability to ONE’s environment, and ensure swift responses to security events
- This role will impact ONE’s vision by ensuring the safety of customer data and finances through regularly working with a variety of people in security, product, third parties, and other business functions to rapidly identify and mitigate security issues
- Success in this role looks like ensuring the success of ONE’s vulnerability management program, identifying and mitigating security issues through both industry-standard and innovative techniques, and maturing ONE’s red and purple team activities
- Collaborating with cross-functional teams to identify, assess, and prioritize vulnerabilities within the organization's systems and infrastructure
- Performing vulnerability discovery using both industry-standard and custom-built tools and techniques, triaging results and prioritizing remediation efforts
- Tuning vulnerability discovery tooling to optimize for ONE’s environment and specific threat models
- Coordinating and overseeing the patch management process, including the deployment of security patches and updates to mitigate known vulnerabilities in a timely manner
- Conducting application and infrastructure penetration testing, vulnerability assessments, and security evaluations of inter-system integrations and application deployments to proactively identify weaknesses and gaps in the organization's security posture
- Performing threat hunting activities and maturing ONE’s red and purple team activities
- Mature ONE’s threat intelligence program to rapidly evolve controls in response to the current threat landscape
- Maintaining accurate records of vulnerabilities, remediation activities, and risk assessments. Prepare and present comprehensive reports to stakeholders highlighting key findings, trends, and recommendations
- Staying abreast of emerging threats, vulnerabilities, and security technologies. Recommend and implement process improvements and security controls to enhance the organization's security posture
- Participating in a 24x7 security incident response on-call rotation
Our take
Banks have a poor image and are often perceived to not care about their customers. ONE Finance has the financial well-being of its clients at the heart of what it does. Offering equal access to high-yield savings rates and affordable credit that grows. Its signature feature is the ability to organize money in multiple sub-accounts that ONE calls “Pockets,” whether to pay specific bills or save toward goals. You can also set up shared “Pockets” with partners or friends for joint saving objectives.
ONE is part of a new wave of digital banking apps that have the potential to disrupt traditional legacy systems, driven by European firms such as Triodos in the Netherlands. ONE Finance is clear that it doesn’t use deposits for anything that exploits the Earth's resources or is involved in the arms trade, setting it apart from other recent endeavours from Monzo and Revolut who aren’t so forthcoming about where its funds are invested.
In 2022, ONE was acquired by Hazel, a FinTech company which was launched by Walmart and Ribbit Capital and which also acquired Even Responsible Finance at the same time. The companies have merged under the ONE brand, combining workforces, products and operating budgets, and will benefit from Walmart's support and marketing reach.
Freddie
Company Specialist
Insights
Few candidates hear
back within 2 weeks
68% employee growth in 12 months
Company
Funding (last 2 of 3 rounds)
Aug 2021
$40m
SERIES B
Mar 2020
$17m
SERIES A
Total funding: $66m
Company benefits
- Benefits effective on day one
- Early access to a high potential, high growth fintech
- Generous stock option packages in an early-stage startup
- Remote friendly (anywhere in the US) and office friendly - you pick the schedule
- Flexible time off programs - vacation, sick, paid parental leave, and paid caregiver leave
- 401(k) plan with match
Company HQ
Civic Center, New York, NY
Articles
Leadership
Brian Hamilton
(Chief Commercial Officer)Started their career at Wells Fargo Foreign Exchange before leaving after almost 8 years to join Clear2Pay in 2006. They founded Isomer Labs, PushPoint, and Azlo before starting One as CEO in February 2019.
Share this job
View 15 more jobs at ONE