Senior Information Security Engineer

Who We Are:

Convoso is a leading provider of omnichannel contact center software. The company was founded on innovation and continues to push boundaries in our industry. 

Headquartered in Los Angeles, the company has employees around the globe working both hybrid and remote. The company culture fosters team integrity, positive persistence, and continuous growth. (A heads up - we were awarded as Built In LA’s Best Places to Work in 2020, 2021 and 2022!)

The company’s foundational product provides the most powerful contact center software available for outbound teams. However, we are expanding our reach by relaunching an advanced version of our conversational AI product. The enhanced capabilities of our Intelligent Virtual Agent (IVA) gives our customers a competitive edge and streamlined productivity by dramatically reducing repetitive tasks. This future forward technology will allow Convoso to grow into new markets across hundreds of use cases. 

Convoso is looking for people who are excited about technology and the fast growing, innovative field of IVA and AI. We are a company of motivated team players driving accelerated growth in a supportive, positive culture. We celebrate a diversity of people, ideas, and backgrounds that contribute to one shared community. 

Most roles at Convoso function as “hybrid” with some opportunities for travel to in-person business events and company meetings. For remote positions, Convoso’s U.S. hiring is open to candidates who are residents of the following states: AL, AZ, CA, CO, CT, FL, GA, IL, IN, MA, NC, NJ, NV, OH, PA, TX, UT.

The Job:

At Convoso, we’re constantly, vigilantly looking for ways to reshape the future of lead generation contact centers. Our mission is to revolutionize the call center industry by empowering agents to convert leads faster. That’s where you come in.

We are seeking a Senior Information Security Engineer. In this role, you will be responsible for designing, implementing, and maintaining secure systems and networks. You will work closely with cross-functional teams, including IT, network engineering, and SREs, to ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks. You will be responsible for identifying vulnerabilities and potential threats, conducting risk assessments, and developing and implementing security solutions to mitigate risks. You will also be involved in incident response, security monitoring, and security policy development. This role establishes appropriate standards and controls and leverages best-of-breed Cybersecurity frameworks.

What You'll Be Doing:

• Design, implement, and maintain secure systems and networks, including servers, routers, switches, firewalls, intrusion detection/prevention systems, and other security devices.
• Perform vulnerability assessments, penetration testing, and risk assessments to identify and prioritize potential security risks and vulnerabilities.
• Develop and implement security measures, policies, and procedures to protect systems and networks against unauthorized access, data breaches, and other security incidents.
• Recommend security policies, controls, and cyber incident response planning, including impact analysis and recommendations for avoiding breaches or incidents.
• Implement and provide ongoing support for cybersecurity policies and procedures.
• Establish Disaster Recovery and Business Continuity processes. Ensure communication of these plans within the organization.
• Lead incident response efforts to investigate security breaches, analyze root causes, and implement corrective actions. Conduct digital forensics investigations when necessary.
• Review and collaborate with LMS on security awareness and best practices training for team members.
• Regularly update the cyber security strategy to leverage new technology and threat information.
• Responsible for supporting any additional aspects of IT security strategy and advising on Security Software and Services, including but not limited to staff laptops and any other device security tools. 
• Communicate and champion best practices and risks to various parts of the business, as appropriate.
• Helped infrastructure and software engineers audit and develop secure systems by advising on information technology regulatory and security best practices.
• Maintain and disseminate a current understanding of the industry's IT threat landscape and leverage various threat intelligence sources.
• Establish a 24/7 global monitoring and threat detection environment, and implement security information and event management (SIEM) solutions for centralized monitoring and analysis.
• Assist in the identification of new tools and systems to reduce and/or manage risks.
• Ensure technical documentation for security practices and procedures.

Who You Are:

• Bachelor's Degree in Computer Science, Information Technology,or related field preferred
• Significant knowledge and demonstrated track record leading SaaS security environments and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls.
• Strong understanding of networking concepts and protocols, such as TCP/IP, VLANs, VPNs, and routing/switching.
• Familiarity with security-related regulations, such as CCPA, GDPR, HIPAA, and PCI-DSS.
• One (or more) of the following security certifications: ISC2 certificates, GIAC certificates, CISM/A, CEH, etc. 
• Security control concepts: physical, logical, administrative
• Minimum of 5 years of experience in cybersecurity, system security engineering, network security, or performing and running information security assessments in direct support of compliance or a related field.
• Excellent analytical, problem-solving, and troubleshooting skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Implement security information and event management (SIEM) solutions for centralized monitoring and analysis.

Work Perks Worth The Hype:

• Competitive compensation package
• Stock options
• 100% covered premiums for employees; Medical, Dental, Basic life insurance, Long term disability
• Affordable Vision plan and optional FSA
• PTO, Paid Sick Time, Holidays, Bereavement time, Parental Leave
• Your birthday off
• 401k program with generous company match
• No cost Employee Assistance Program and Travel Assistance
• Monthly Gym membership reimbursement
• Monthly credits toward food & beverage
• Company Outings
• On and offsite team building events
• Paid training for departments
• Apple laptop (most roles)
• And a team of highly experienced and kind colleagues!

HQ Office:

• Casual office environment & dress
• Daily catered lunches
• Fully stocked kitchen (Dietary restriction-friendly)
• Happy Hours
• Monthly Massages
• On-site Car Wash 
• Free Parking 

Compensation:

The base salary range is: $100,000 - $115,000.

The Base Pay Range for this position is based on the industry benchmark for position, function, level and the company's compensation strategies. However, final offers may vary from the amount listed based on geography, candidate experience and expertise, and other objective business. Convoso’s compensation package also includes equity for all eligible U.S full time roles and exceptional benefits, including generous 401k match.

Your California Privacy Rights:

As a California resident who is an applicant to be an employee of Convoso, you have certain rights under California law with respect to information collected by Convoso in the course and scope of its evaluation of your application. The types of information Convoso collects and your rights with respect to that information are contained in Convoso’s privacy policy, which you can review by going to https://www.convoso.com/privacy-policy/.