Overview

Are you energized by the opportunity to bridge SaaS operations and pragmatic security practices? Are you passionate about both sharing your technical talents and amplifying others? We are looking for a hands-on, highly collaborative Security Engineer to design, assess, and champion security best-practices across Origami Risk.

Origami Risk Information Security operates as trusted subject matter experts in multiple technology domains, embedding within and directly supporting our IT, Development, and Services organizations to deliver mission-critical, highly secure SaaS capabilities at both speed and scale. We believe effective security begins with providing secure solutions to key business requirements and technical partnership via guardrails not roadblocks.

Starting base pay for this role is between $140,000 and $175,000. The actual base pay is dependent upon many factors, such as transferable skills, work experience, business needs, training, location, and market demands. The base pay range is subject to change and may be modified in the future. This role will also be eligible forbonus and benefits.

Origami Risk is proud to be an equal opportunity employer. We thrive and benefit from diversity and are committed to creating an inclusive and equitable environment for all employees. We do not discriminate against any individual based upon race, religion, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, color, sex, national origin, age, marital status, military or veteran status, disability, or any other characteristic protected by applicable law.

Responsibilities

• Foster and evangelize security culture across diverse and fast-paced teams with technical credibility, personal empathy, and service • As a true subject-matter-expert, design, deploy, manage, and improve critical security infrastructure services and tools to include Cloud Architecture, Endpoint Defense, Identity Access Management, PKI, Secrets Management, Threat Detection, and Vulnerability Management• Provide daily oversight of security operations, to include the security impact analysis of proposed system modifications and implementations.• Monitor information security tools, including SIEM, system monitors, access control, and other specific cloud security controls• Respond to information system security incidents related to computer-based attacks, unauthorized access, and policy breaches• Conduct compliance reviews on both internal cloud infrastructure and within our internal colleague environments• Drive remediation activities with stakeholders, including developing remediation plans, tracking, and reporting remediation progress• Stay up to date and proactively informed on developing security technologies, in capability and technical implementation

Qualifications

Requirements:

• 5 years of Information Security experience, with demonstrated experience across multiple domains, e.g., Application, Cloud Infrastructure, Security Operations

• 2 years of direct Cloud IaaS/SaaS/PaaS architecture design, AWS preferred

• Experience in one or more programming or scripting languages, including integration with CSP APIs

• Experience deploying and customizing security tools: vulnerability scanners, infrastructure as code (IaC) security scanners, firewalls, IDS/IPS, endpoint and network security monitoring, etc.

• Hands-on experience with securing CI/CD pipelines for cloud-native deployments

• Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies

• Experience in incident response process, with a focus on detection, mitigation, and stakeholder communications

• Dynamic technical leadership acumen, both cross-functionally and directly supporting highly technical staff

• Demonstrated ability to collaborate with other teams to achieve complex objectives

Additional Qualifications:

• Project management experience, including direct teams and external partners• You thrive in an environment encouraging a broad, collaborative impact, with outcomes prioritized above org. charts• You foster credibility and collaboration with technical stakeholders by mapping security control requirements to practical solutions for various technologies• You are biased to action at speed, comfortable with ambiguity, and able to distill complexity to clarity across varied technical disciplines• You recognize the magic of facilitating people with diverse talents, perspectives, and technical backgrounds in accomplishing great things together

Who We AreOrigami Risk is a leading provider of integrated SaaS solutions for risk management, insurance, safety, and compliance. We've designed our single-platform, cloud-based software to be easily configurable to meet the needs of insured corporate and public entities, brokers and risk consultants, insurers and MGAs, third party claims administrators (TPAs), risk pools, and more. To fulfill our singular focus of helping our clients achieve their business objectives, our software is supported by a best-in-class service team of experienced risk, insurance, and safety professionals who have an ideal balance of industry knowledge and technological expertise.

Since its founding in 2009, Origami Risk has received more than two dozen awards for service excellence, technology innovation, and workplace culture. In addition to inclusion in Deloitte’s Technology Fast 500™, a ranking of the 500 fastest-growing tech companies in North America, Origami Risk also has been repeatedly recognized by Inc. magazine as one of the “Best Places to Work” and Best and Brightest® Companies To Work For in the Nation by the National Association for Business Resources (NABR).