Bonusly provides solutions to create high-performance, high-engagement teams. We believe that success in business is determined by people, working on teams, to solve novel problems. That belief extends to our own team, and we’d love for you to be a part of it.
What is our mission?
Our mission is to help people connect with their work and each other in meaningful ways. Our vision is for every organization to reach success by using Bonusly to build high-performance, high-engagement teams. We believe that the way we work today can be so much better.
How do we get there?
Our top-rated SaaS platform is built by the talented and creative team here at Bonusly. We work with autonomy, responsibility, and purpose. We are driven by a desire to make meaningful impacts for our customers, and to be excellent teammates to each other along the way.
Boulder preferred, remote only in US
Bonusly is looking for an experienced, detail oriented and motivated IT Security Engineer to impact the IT and security operations of an industry-leading B2B SaaS platform that is currently scaling to over 1000 customer organizations and millions of users. In this role you will be a hands-on resource managing and influencing multiple facets of Bonusly’s security and compliance mission. You will get to positively impact some of the most influential companies in the world such as Hulu, Chobani, Headspace, Palo Alto Networks, and more. Our Recognition and Signals products empower employees to show appreciation for each other, build stronger working relationships, and feel a greater sense of belonging. We are a young company and you will be joining a high impact, high visibility team tasked with all aspects of information security, compliance, and IT operations.
What you’ll do
- Join an inclusive, collaborative, and skilled product team that loves to deliver value for our customers.
- Collaborate in the maturation of our overall security posture and IT standard practices including AWS security and architecture controls
- Recommend, design and implement a variety of corporate security controls including MDM, MFA, SSO
- Assist in SOC2 audits and ongoing compliance efforts.
- Recommend, design, and perform hands-on implementations of Security tooling (e.g., GitLab, SAST, DAST) to mitigate downstream risk and defects.
- Own the vulnerability management lifecycle from identification to remediation to reporting.
- Review internal and third party security findings, and track remediation efforts.
- Recommend, design and implement automation features into our on/offboarding processes
- Assist product engineering teams in prioritizing and scheduling security related enhancements to our platform
- Be a part of our high growth journey and collaborate to create and iterate on our practices.
- Have the support of your amazing, talented colleagues while working on small, high impact teams and enjoying the trust and autonomy needed to be biased toward action.
- Embrace a nuanced view of time off, as we encourage our team to mix work and free time in different ways to help people stay motivated and refreshed.
????You should apply if you…..
- Have 3+ years professional experience as a security analyst, security engineer, or similar role. We recognize the diversity in titles and roles in this practice.
- Have a diverse skill set and are comfortable being an IT and security generalist initially as we grow our platform and team.
- Have professional experience with security architectures for at least one leading cloud provider (AWS, Azure, GCP)
- Are passionate and data driven, believing in effective IT support and security/compliance practice as a set of behaviors rather than a list of tickets
- Thrive on building scalable and attest-able security and IT practices and recognize the challenges of hyper growth companies.
- Are interested in how security relates to the things we talk about at https://engineering.bonus.ly/
- Are eager to communicate cross-functionally and within product, engineering, and operations
- Architect data systems for performance, scalability, and future maintainability
- Generally strive to leave a system component better and more secure than it was found
Bonus Points for…
- Having direct professional experience with implementing MDM, MFA, SAML, SSO
- Having previously worked to design, develop, implement security solutions for hybrid (cloud + 3rd party/on prem) environments
- Familiarity with compliance frameworks (ISO27001, NIST)
- Past participation in / coordination of SOC audits including process development and attestation
- Familiarity with privacy laws such as GDPR and CCPA
- Uplifting and mentoring other team members through architecture input, proactive communication, and/or strong leadership qualities
- Experience deploying, managing, and supporting Apple devices.
- A strong interest in learning about new technologies, development processes, and practices and shares this knowledge with the team or implements tooling around it
- Being an advocate and change agent for security and compliance best practices
- The drive to act and own high-impact projects from day one
- Previous work experience in a startup environment
- Target Base Salary: $100,000 – $135,000
- Target Equity: .04% – .07%
????Benefits and opportunities include…
• Collaborating with a growing team of smart & passionate creators.
• Making work more enjoyable and meaningful by reimagining the way companies recognize and reward their employees.
• Being empowered to innovate, take ownership, and motivate change at a growing company.
• Flexible “work-from” policies.
• Fully covered Medical/Dental/Vision insurance.
• Fully covered short-term/long-term disability and life insurance
• Progressive vacation policy.
• 401(k) with employer matching.
• Subsidized wellness, transit, and professional development.
• Bonusly! (Of course we use our own product for peer, work anniversary, and birthday recognition)
???? What’s it like to work at Bonusly?
Culture and employee experience are some of our top priorities! See what we’re all about at https://bonus.ly/about, and check out our official Employee Unhandbook to learn more about our culture and values.
???? We actively work toward greater diversity, equity, and inclusion
We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.