Senior Security Engineer

At Podium, our mission is to help local businesses win. Our lead conversion platform, powered by AI and integrations, helps local businesses convert leads faster, communicate easier, and make more sales. Every day, thousands of local businesses utilize our review management, communication, marketing, and payments products.  Our work and focus on helping local businesses thrive has been recognized across the industry, including Forbes’ Next Billion Dollar Startups, Forbes’ Cloud 100, the Inc. 5000, and Fast Company’s World’s Most Innovative Companies. At Podium, we believe in fostering a culture that thrives on hiring and developing exceptional talent. Our serve as a compass, guiding daily behavior and decision-making, and ensure we hire people who will thrive at Podium. If you resonate with our operating principles and are energized by our mission, Podium will be a great place for you The Role As a Senior Security Engineer at Podium, you will play a key role in shaping and implementing our corporate security strategy. Reporting to the Director of Security and collaborating with audit and compliance teams, you will design, implement, and manage secure solutions that align with our architectural designs, best practices, and regulatory requirements. Your expertise will help us navigate the evolving threat landscape and ensure our security measures are robust and forward-thinking. In this position, you will be responsible for architecting solutions that secure our business operations and enable innovation. You'll work closely with diverse teams, including IT infrastructure, application development, security operations, and end users, to protect our organization and its assets. Your role will also involve guiding less experienced team members and providing technical leadership. What you will be doing: Stay updated on new security threats and ensure our systems can defend against them. Own cloud infrastructure security Own AI security Manage vulnerability management system Research and recommend new security solutions to enhance our security posture. Develop and enforce security team standards, policies, procedures, and processes. Plan and execute incident response and postmortem exercises, creating measurable benchmarks. Conduct table-top exercises for Business Continuity/Disaster Recovery (BC/DR) and Incident Response testing. Drive security efficiencies through automation and integration across technology and security architecture. Collaborate with IT, engineering, development, and business teams to ensure security measures are effective and do not impede business processes. Perform engineering performance testing to ensure security solutions are robust. Provide day-to-day support for hardware, software, and managed solutions, ensuring they meet security standards. Lead security team meetings and participate in security projects to evaluate and improve our security infrastructure. Assist with incident response and system stability issues as needed, including outside regular work hours. Ensure compliance with privacy laws and work with various teams to secure business-to-business initiatives, third-party relationships, and outsourced solutions. Respond to service and escalation tickets and develop security test plans. Regularly participate in change management meetings and follow security engineering fundamentals and processes. What you should have: 6+ years of experience in cybersecurity, including compliance and risk management. Experience with cloud environments (AWS, GCP). Strong technical and analytical skills, with a system and network security engineering background. Experience in cloud computing technologies, including software-, infrastructure-, and platform-as-a-service. Extensive knowledge of security controls and technologies, such as SIEM, IDS/IPS, PKI, IDAM, antivirus, firewalls, EDR, threat intelligence platforms, security automation, and orchestration. Proficiency in meeting vulnerability management and penetration testing requirements. Excellent communication skills to articulate business risk from cybersecurity issues. Experience managing various security monitoring tools and platforms. A track record of integrity, excellence, curiosity, and adaptability. Additional qualifications include proficiency in scripting languages (Python, JavaScript, PowerShell, PHP, or Ruby) and regulatory standards (ISO 27001, NIST, PCI DSS, HIPAA, GDPR, etc.). What we hope you have: Familiarity with state privacy laws and ability to think strategically and tactically. Highly trustworthy, with solid leadership qualities and a proactive approach to anticipating threats. Bachelor's degree in computer science, information assurance, MIS, related field, or equivalent experience. Relevant certifications such as CISSP, CRISC, CGEIT, or related. Benefits: Open and transparent culture  Life insurance, long and short-term disability coverage Paid maternity and paternity leave Fertility Benefits Generous vacation time, plus three 4-day summer holiday weekends Excellent medical, dental, and vision benefits 401k Plan with competitive company matching Bi-annual swag drops with cool Podium gear and apparel  A stellar HQ (Utah) gym with local professional coaches and classes offered Onsite HQ (Utah) child care center, subsidized for employees Additional benefits for fully remote employees Podium is an equal opportunity employer. Podium provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status or veteran status.