Senior Security Engineer

Collectors Universe

Collectors Universe

Software Engineering
Santa Ana, CA, USA · Remote
Posted on Friday, March 1, 2024

Collectors is the leading creator of innovative technology that provides value-added services for collectors worldwide. We grade, authenticate, vault and sell millions of record-setting collectibles, all while modernizing and digitalizing the process to further our mission of helping collectors pursue their passions. We’re always on the lookout for talented people to join our growing team. Our services span collectible coins, trading cards, Funko Pops!, video games, event tickets, autographs, and memorabilia. Our subsidiaries include PSA, PCGS, WATA, Card Ladder, Goldin, and the Long Beach Expo collectibles trade show.Since our founding in 1986, we have graded and authenticated millions of items. We employ more than 1,700 people across our headquarters in Santa Ana and offices in Jersey City, Seattle, Hong Kong, Paris, Shanghai, and Tokyo.

We’re transforming the collecting experience with technology that brings authentication, grading, and trading into the modern era. Our products are equalizing the playing field by providing tools that make complex research analytics — including pricing, scarcity reports, and historic sales data — accessible to every collector, old or new. Our engineering mission is to democratize technology while promoting innovation, collaboration, and continuous learning throughout the organization. We're seeking engineers to utilize advanced technology in agile settings, with a focus on improving the customer experience for every collector. Collectors Cybersecurity team is committed to utilize cybersecurity, risk and privacy best practices on our platforms, leveraging signal intelligence and observability at scale to protect our customers, employees and our brand.

As a “hands-on” Security Operations Engineer, you will be responsible for ensuring the security of our organization's systems, networks, and data by implementing and maintaining security measures, monitoring for security incidents, and responding to security breaches. The ideal candidate will have a strong background in information security, hands-on experience with security technologies, and a proactive approach to identifying and mitigating security risks.

What You’ll Do

  • Implement and maintain security technologies and tools such as SIEM, IDS/IPS, firewalls, EDR, threat management, monitoring, etc.
  • Develop and implement security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
  • Monitor security logs and alerts to identify potential security incidents and respond to them promptly.
  • Investigate security incidents to determine the root cause, scope, and impact, and develop remediation plans to address them.
  • Conduct security assessments to identify vulnerabilities and weaknesses in systems and networks.
  • Develop and maintain incident response plans, procedures, and playbooks to ensure an effective and coordinated response to security incidents.
  • Contributing to the development of best practices including IAM policies, networking, cloud, auditing, monitoring and logging standards.
  • Develop automation and advanced alerts/reports to meet stakeholder requirements
  • Work closely with teams across the organization, particularly Information Technology (IT) and applications to implement proactive security measures.
  • Develop correlations, enrichments, dashboards, reports and alerts that appropriately characterize attacks and mitigation mechanisms.
  • Regularly audit public cloud infrastructure utilizing cloud security best practices, identifying findings, and tracking efforts to remediation.
  • Working closely with the leadership to deliver on requirements, projects, and report on progress.

Who You Are

  • 3+ years of experience, with focus on security operations.
  • Hands-on experience with security tools and technologies, and the ability to analyze and respond to security events effectively.
  • Experience working with or implementing endpoint, network, devops and cloud security solutions and controls (preferably in AWS).
  • Ability to thrive in a high-growth, fast-paced, and dynamic environment.
  • Experience applying risk-based approach to decision making
  • Experience with DevSecOps and enhancing and securing infrastructure as code (Ansible, Terraform, Docker, Kubernetes, etc.)
  • Experience with observability, telemetry, monitoring, logging platforms.
  • Hands-on technical expertise - scripting and/or programming languages, databases, etc.
  • Capable of leveraging Python/Bash/Go to solve practical day-to-day security challenges.
  • Excellent understanding of OWASP risks, vulnerabilities, mitigation mechanisms, WAF, and system exploits.
  • Thorough understanding of networking and web protocols.
  • Experience with security frameworks such as ISO, NIST, SOX, and PCI.

The salary range for this position is $150,000-$210,000. Actual compensation varies based on a variety of non-discriminatory factors, including location, job level, experience, and skill set.

Reasons To Join Us

  • Health Insurance: All full-time employees are eligible to enroll in Medical, Dental, and Vision
  • 401(K) Matching Plan: We are proud to offer a competitive 401k matching plan to our employees to support their future financial goals
  • Vacation: All full-time employees are eligible for a flexible paid vacation
  • Holiday Pay: All regular, full-time employees are eligible for nine company paid holidays Employee Discounts: Employees receive discounts on select grading services for approved submissions
  • Flexible Hours: Many of our teams offer flexible schedules with varying shifts and will work with you to accommodate your needs
  • Fun Working Environment: Our team members are invited to participate in celebrations, holiday events, and team building activities

Candidates must be authorized to work in the United States.

Collectors may use e-verify to validate your ability to work legally in the United States.

We are aware that there are instances where individuals are receiving job offers that fraudulently allege to be from Collectors or one of our business units. This type of fraud can be carried out through false websites, through fake e-mails claiming to be from the company or through social media. We never ask for personal information such as your bank account, Social Security numbers or National IDs, nor do we send or request payments for the purchase of business-related equipment. If you suspect fraud, please reach out to [email protected].

We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We believe that a team that represents a variety of backgrounds, perspectives, and skills will better service the diverse community of collectors we support.

If you require an accommodation to apply or interview with us due to a disability or special need, please email [email protected].

U.S. residents: for disclosures relating to personal information we collect during the employment application and recruitment process, please see our Privacy Notice for U.S. Applicants.

Explore other available openings at collectors.com/careers.