Senior Security Engineer
At Auror, we’re empowering the retail industry to tackle theft and Organised Retail Crime, a $150 Billion problem globally. It’s high-volume crime that’s increasingly organised in nature and is putting people, retailers, and communities at risk every day.
Founded in New Zealand 11 years ago, we’re working with some of the best and largest retailers in the world across the US, Canada, Australia, New Zealand, and the UK.
Auror is connecting people and intelligence to reduce crime. We’re using technology for good. In partnership with our leading retail partners, we need people with the passion, determination, and innovation required to overcome one of the world's largest problems. If you’re looking to make a difference with and for the people dedicated to stopping crime, for good, then we want you on our team.
About the Role
We are hiring for a Senior Security Engineer at Auror to help raise the bar on security through collaborating with cross-functional teams to provide guidance on security best practices. You’ll be hands-on solving problems at scale and you’ll be a part of the team that seeks to secure all things Auror.
Some of the responsibilities of this role include:
- You will partner with our Site Reliability Engineers to look at the logs ingested and data in our azure portal and evaluate what trends or things that are happening and implement changes where needed.
- Being part of the new Blue Team at Auror. This is all about analysing incoming traffic and events and evaluating actions to take while balancing short term engineering fixes with larger long term security goals and initiatives. The effort of Blue teams is large and newly formed so you will have the opportunity to help shape this for Auror. The role will also include incident response and vulnerability research. Here is more on what Blue teams do.
- Working within the security team and partner teams to discuss and build the security policies, procedures, and methods that we will use to help shape the future of security for Auror.
- Supporting our customer team to sign, and onboard new customers as quickly and efficiently as possible by working with them on Customer Security Reviews.
- Consult with other Engineers and Product Managers to analyse and propose application security standards, methods, and architectures as we continue to build and grow our platform.
- Working with the wider Engineering team to review features for potential security risk. This could include performing threat model analysis or setting up security feature questions and looking at our existing code in our domain to help find and remediate any outdated or vulnerable code in partnership with the development and operational teams.
- You will be a part of the team developing security training, giving guidance to other internal teams, and helping define our secure development (SDLC) process and procedures.
- Operate SIEM tooling that includes writing queries, running log analysis, and operating playbooks for specific evaluations.
- Perform SAST/DAST evaluations of code for risks and vulnerabilities.
You will be reporting to Scotland Symons, Director of Information Security
Scotland has been working in the Technology & Security industry for the last twenty years and has worked for Microsoft, Apple, Amazon, and a few more. Coming to Auror from the US, she runs the security team at Auror focusing on all of our efforts to secure the platform, code and efforts to protect Auror and its customers. In Scotland's own words:
Security for me is about critical thinking and flexibility. Security is also not linear and requires lots of exploration and through good iteration driving towards the goal of good architecture. I try to weigh the needs of immediate action with long term Security & Engineering efforts while weighing the need of keeping the business going. The role of Information Security can sometimes be stressful especially in times where there is an incident and so I try to approach things with deep honesty as well as levity. I always keep failure in mind but don’t look at it as a dead end but rather an opportunity to learn how to get up and keep going.
Check out Scotland's LinkedIn here.