About the job

Renegade Insurance, is a modern, tech-enabled P&C insurance agency that provides an environment for employees to become exceptional through dynamic contribution and growth opportunities. We leverage our cutting-edge proprietary technology, our highly efficient and customer-centric service organization and our state-of-the-art agency model to be a disruptive force in the insurance industry.

Responsibilities for Security Engineer roles

• Develop security training and guidance to internal development teams and employees in other departments across the company
• Provide subject matter expertise on architecture, authentication and system security
• Create and maintain artifacts in a protected repository established as a single source of truth
• Assess security tools and integrate tools as needed, particularly open-source tools
• Assist with recruiting activities and administrative work
• Technical Skills
• Familiar with DLP tooling and practices. Preferably using Microsoft products
• Familiar with common security libraries, security controls, and common security flaws that apply to Java applications
• Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).

• Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP
• Knowledge of browser-based security controls such as CSP, HSTS, XFO
• Experience with standard web application security tools. SAST, DAST, etc
• There should also be time to participate in development of Renegade
• Code quality
• Proactively identify and reduce security risks
• Find and remove outdated and vulnerable code and code libraries
• Communication
• Consult with other Developers and Product Managers to analyze and propose application security standards, methods, and architectures.

• Handle communications with employees and design appropriate mitigation strategies for reported vulnerabilities
• Educate other developers on secure coding best practices
• Ability to professionally handle communications with outside researchers, users, and customers
• Ability to communicate clearly on technical issues
• Performance & Scalability
• An understanding of how to write code that is not only secure but scales to a large number of users and systems

General Requirements for Security Engineer roles

• You have a passion for security and open source
• Be positive and solution oriented
• Constantly improve product security
• You are a team player, and enjoy collaborating with cross-functional teams
• You are a great communicator
• You employ a flexible and constructive approach when solving problems
• You share our values, and work in accordance with those values
• Transparency
• Extreme Ownership
• Continuous improvement through self-reflection
• Leverages security expertise in at least one specialty area
• Triages and handles/escalates security issues independently
• Conduct security architecture reviews and makes recommendations
• Great written and verbal communication skills
• Interview security candidates during hiring process

Note From The Remote JobHunters:

• When you apply, be sure to mention that you heard about this position from The Remote JobHunters!
• Looking for more entry-level remote positions? If so, be sure to join The Remote JobHunters Facebook group, Subreddit, and subscribe to our weekly newsletter!