Hackajob
is collaborating with
Olo
to connect them with exceptional tech professionals for this role.
Olo is a leading SaaS platform accelerating digital transformation in the restaurant industry, by helping customers deliver more personalized and profitable guest experiences. As a result, our digital ordering, payment, and guest engagement solutions enable brands to do more with less and make every guest feel like a regular.
As Senior Security Engineer II, you will help Olo reduce identified risks, respond to adversarial attacks while maintaining the up-time of our systems, and implement the right strategic risk mitigation measures to safeguard the data of our clients and their customers while supporting innovation. You will also provide white glove service and support to internal and external stakeholders by addressing security questions and support issues as needed, and by mentoring other engineers in how to best provide support. Additionally, you will help in the identification and prioritization of future project initiatives based on risk, and execute on cross-functional projects with a high degree of ownership and excellence, all while actively mentoring other team members and elevating the collective team’s capabilities and skill sets through peering and informal training.
You will be contracted to Olo through Deel, our Employer of Record. An Employer of Record (EOR) is an organization hired by companies to handle the legal and administrative responsibilities of employing staff, often in countries where the company might not have a local presence.
Here’s an easy way to think of it: You work for Olo in a practical sense, completing your assigned role. The EOR is your formal employer, meaning the EOR takes care of all the administrative and legal responsibilities for your employment. In line with this arrangement, you maintain your day-to-day relationship with Olo, and Deel will be your point of contact for any job-related matters of your engagement. Moreover, you’ll retain all the employment rights you typically have under local employment law when you’re hired through an EOR.
What You’ll Do:
Participate actively in a 24/7 on-call rotation, responding to escalated security incidents and coordinating effective resolutions.
Lead improvements in detection and response capabilities, continuously optimizing monitoring, alerting, and incident response processes.
Mentor junior and mid-level engineers, setting a high standard in security practices and offering guidance for professional development.
Demonstrate excellence in white-glove service delivery, ensuring security incidents are managed with thoroughness and professionalism.
Define and collaborate on implementing leading security practices, ensuring strategies align with organizational security goals and industry standards.
Take ownership of security project execution, prioritizing tasks and aligning initiatives with team and company objectives.
Use and optimize advanced security tools, including SIEMs and vulnerability scanners, to enhance detection, logging, and analysis capabilities.
Conduct regular and detailed vulnerability assessments, identifying gaps in security controls and implementing mitigation strategies.
Support compliance efforts, ensuring documentation, audits, and regulatory standards are met to maintain certifications and adherence to best practices.
Collaborate with cross-functional teams, including development and IT, to integrate security best practices within architectural frameworks.
Lead security awareness initiatives, educating technical teams on advanced security topics and secure coding practices.
Stay informed on emerging security threats and technologies, continuously evaluating and integrating relevant tools or methodologies.
Provide guidance for risk management processes, helping to establish and maintain effective risk identification and mitigation protocols.
Develop and document security processes and procedures, ensuring consistency and readiness for both routine and high-stress security incidents.
Support leadership with reporting by providing insights and data on incidents, vulnerabilities, project progress, and metrics to inform security decisions.
Lead automation and process optimization efforts by developing scripts and tools to automate repetitive security tasks as well as to enhance detection and response capabilities through the use of automation and integration of security tools.
What We’ll Expect From You
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent security experience)
7+ years of experience in Security Engineering and Security Operations, including extensive experience in Blue Team operations, Security Architecture, DevOps, and general Operations.
Deep knowledge of information technology, evolving threats, attack patterns, incident response, and cybersecurity standards.
Proven ability to develop and lead incident response, including remediation, mitigation, and regular status updates and reporting.
Skilled in security event evaluation, discerning legitimate security incidents from false positives, incident investigation, countermeasures, and impact monitoring.
Strong understanding of operating system, networking, and application hardening for Windows, macOS, and Linux, including virtualization security.
Experience deploying, maintaining, and administering security technologies like IDS, DLP, FIM, firewalls, SIEM, MFA, vulnerability assessment tools, web proxies, and WAFs.
Experience with cloud providers and Infrastructure as Code (IaC) tools, such as Terraform, Ansible, or CloudFormation.
Proficiency in AWS security best practices.
Skills in automation, development, or scripting for enhanced security operations.
Advanced knowledge of Application Security, modern web protocols, and Web Application Firewalls.
Familiarity with SIEM platforms.
Proficiency in email security protocols like SPF, DKIM, and DMARC.