About the role

Principal Security Engineer at Binti focusing on securing software applications for social services. Conducting assessments, responding to incidents, and improving security architecture in a collaborative environment.

Responsibilities

Conduct Security Assessments: Provide holistic assessments of Binti’s security stance, including performing regular security reviews, code audits, penetration testing, and threat modeling to maintain the highest standard of application security.
Set Direction: Help Binti chart a specific and pragmatic course of action to achieve a strong security posture.
Respond To Incidents: Respond promptly to security incidents, collaborate with engineers on-call, and provide detailed post-event analyses.
Improve Security Architecture: In a leadership capacity with the Engineering team, identify, design, and implement technologies to enhance security automation.
Set Security Standards: Lead efforts to design and implement secure coding standards and best practices across the development lifecycle.
Share Expertise: Stay up to date on the latest security threats, vulnerabilities, and industry best practices.
Represent the Security team to other Binti teams and Binti leadership: Act as a steward of the Binti values.

Proven experience as an Application Security Engineer or in a similar role
Strong technical background with experience in full-stack development, cloud computing, and scalable architecture
Proficiency in one or more OOP coding languages (Ruby, Python, Java, etc) is strongly preferred
Strong understanding and knowledge of web application security principles, common vulnerabilities, and best practices
Excellent communication skills with the ability to simply convey complex security concepts to non-technical stakeholders
Focused on keeping the company secure while ensuring the team can still ship products and deliver value to customers and users
Experience cultivating a security-aware development culture that scales through mentorship and automation
A genuine interest in leveraging technology to address social challenges
A sense of pragmatism, resourcefulness, and focus to advance our security goals with a relatively small team
Prior experience with GovTech or FedRamp is a big plus

An above-market compensation package (salary + equity)
Excellent medical, dental, vision, and life insurance - 99% of insurance premiums covered for you + your dependents
Flexible vacation time to promote a healthy work-life blend
13 paid holidays; 11 federally observed holidays (including Juneteenth), plus Election Day and the day after Thanksgiving
16 weeks of paid parental bonding leave for the arrival of a newborn or newly placed infant
Sick/mental health time separate from vacation days (accrue up to a cap of 80 hours)
4 weeks of sabbatical after 4 years of service at the company
401k, Commuter benefits, FSA, and DCFSA with administration paid for
$5,000 annual bonus for employees who volunteer as a CASA (court-appointed special advocates)
$2,500 annual reimbursement for ongoing learning and development, with opportunities to attend trainings/conferences, on-site speaker series, and lunch and learns
$300 reimbursement for initial office setup
$50 a month effective work reimbursement to cover internet, electricity, office setup costs, or lunch/snacks with coworkers
Paid jury duty