Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy, and consent to receive emails from Rise
Jobs / Job page
Security & Risk Engineer || Remote, US-based image - Rise Careers
Job details

Security & Risk Engineer || Remote, US-based

About Buoy Software


Our mission is to deliver the best experience possible to as many donors of blood products (such as plasma) as possible, in as many communities as possible. We use our understanding of blood product donation and the industry’s regulations and pair them with our extensive consumer product experience to enrich the lives of our members and improve health outcomes for patients everywhere. 


In an industry that hasn’t seen innovation in more than two decades, Buoy’s software streamlines the donation process allowing our business to promote loyalty while improving efficiency in a donation center. In turn, the increase in blood product donations improves a supply level that is at an all time low, and allows for blood-product derived biotherapies to continue to evolve, improve, and save lives for those who face life-threatening conditions (i.e. immune deficiencies and blood disorders). Without an increase in blood product donations, we are facing a worldwide health crisis that ultimately results in rationing of care without the proper resources. Buoy Software is excited to be playing more of a role in improving the state of blood products and blood product donations.


We’re working alongside Join Parachute ([www.joinparachute.com/](http://www.joinparachute.com/)) in the opening of small market donation centers across the country that will create local donation center careers, opportunities to donate blood products, and provide financial compensation for those donations that will have a positive economic impact in those communities. 


The need for blood products is growing rapidly. We want to close the gap in blood product supply and demand by empowering organizations with the right tools. Buoy is the intuitive, data-driven mobile application for donors.


About The Role


We're looking for a Security and Risk Engineer to join our team. You should be someone who is comfortable and experienced in risk management and code review. This role will work closely with specific product engineering pods, owning all security controls and documentation for assigned pods. You should have an eye for continuous improvement, risk and vulnerability management, and security compliance.


What you’ll do:
  • Oversee vulnerability and security risk management including, but not limited to, vulnerability and risk identification/assessment, crafting mitigation proposals, tracking mitigation status, and testing and validating mitigation methods
  • Oversee security compliance activities including, but not limited to, hazard analyses, threat modeling, root cause analysis, and creating, updating, and maintaining policies and other relevant documentation
  • Manage continuous monitoring and auditing processes to detect and respond to security incidents
  • Perform code assessments to determine any impacts for Buoy’s applications
  • Responsible for defining, implementing, evaluating, and maintaining the effectiveness of security and risk controls
  • Identify current and emerging issues including security trends, vulnerabilities, and threats
  • Collaborate with team members and stakeholders on projects and audits
  • Design security controls that increase operational efficiency and reduces the likelihood of control failure
  • Perform third party security assessments
  • Educate and train staff on security best practices


Who you are:
  • You have experience with threat modeling analysis such as STRIDE and Attack Tree methodologies.
  • You have experience with software as a service.
  • You are a self starter. You enjoy working in an environment where you have a lot of autonomy. You are not one to wait around to be given work, but are always looking for ways in which you can provide support for your colleagues.
  • You can adapt to change quickly and thrive in an environment where every day is different / you own a variety of tasks.
  • You are a team player. Everyone contributes within the Buoy team, and you want to help the team get the job done when needed, regardless of initial ownership.
  • You are professional in your collaboration and communication methods. You can represent Buoy and our values both internally and externally (with vendors / partners) as needed.


In the first 30 days, you will…
  • Be introduced to the team - we’ll help you start to get to know your colleagues, point of contacts for various scenarios, understanding dynamics within the broader org.
  • Learn how Buoy Software operates internally - we’ll help you get accustomed to Buoy’s process, engineering terminology, and other cultural aspects of working here.
  • Go through product demos to start to understand Buoy Software and how it works for both donors experience and donor processing.
  • Begin meeting with and getting to know your direct manager who will share various projects and goals for this role to provide guidance as you settle into the position.
  • Review existing security documentation and determine gaps or improvements.
  • Hit the ground running!


In the first 60 days, you will…
  • Understand goals for your respective pods over the next 6 - 12 months.
  • Begin implementing solutions for gaps identified and performing all duties related to continuous management of security for your pods.
  • Become more familiar with workflows and processes.
  • Become more autonomous as you work with your pods and other stakeholders.
  • Start to define timelines for various projects with your manager to help prioritize your focus and align them with the goals for this role.
  • Begin to suggest changes and improvements to the security program and/or internal processes.


In the first 90 days, you will…
  • Meet with stakeholders across the broader Buoy Software organization.
  • Become more familiar with the other departments across Buoy Software (including leadership, support, customer success, marketing, and people ops).


$120,000 - $140,000 a year

Where you'll be

We are fully remote. We deeply believe in distributed teams at Buoy. We build projects around motivated individuals. We give our team the environment, support and trust they need to get the job done.


We are only considering candidates currently based in the United States at this time.


---

Employment at Buoy Software is contingent upon achievement of satisfactory results on your background check and reference check and your ability to provide proof of your identity and eligibility to accept employment in the United States.

Average salary estimate

$130000 / YEARLY (est.)
min
max
$120000K
$140000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

Similar Jobs
Photo of the Rise User

Lead IT operations at the NYC Comptroller’s Office as the Deputy Chief Information Officer, driving performance and customer satisfaction.

Cox Hybrid Raleigh NC
Posted 9 days ago

Cox Communications is looking for a seasoned AVP of Cybersecurity to champion cybersecurity efforts across RapidScale and contribute to its strategic goals.

Photo of the Rise User
NBCUniversal Remote Englewood Cliffs, New Jersey, United States
Posted 13 days ago

Join NBCUniversal as a Staff Cyber Security Engineer and play a crucial role in enhancing the security architecture across various technologies.

Photo of the Rise User
Posted 8 days ago

Step into a pivotal role at The Wonderful Company as a Principal Database Administrator, where your expertise will optimize Oracle applications for impactful results.

Photo of the Rise User
G-P Remote Colombia (Remote-First)
Posted 11 days ago

G-P seeks an experienced Zendesk Developer to design and optimize solutions for global client support.

Photo of the Rise User

Join Peraton as a Systems Administrator/Scripting Engineer to leverage your PowerShell scripting skills in supporting the US Capitol Police’s critical IT operations.

Posted 5 days ago

As a Senior IT Technician at Wiz, you'll leverage your IT support expertise to empower our global workforce in a cloud-first environment.

Photo of the Rise User
Datamark, Inc. Hybrid No location specified
Posted 6 days ago

Become a key leader at DATAMARK, Inc. as a Senior IT Manager, overseeing technology operations and managing IT infrastructure.

Photo of the Rise User

Join ISE as an Embedded Content Security Engineer and lead initiatives in AI security while engaging with major clients in the entertainment industry.

Photo of the Rise User
Moomoo Remote No location specified
Posted 11 days ago

Futu US Inc. seeks a skilled IT Service Desk Technician to deliver crucial IT support in a dynamic financial services environment.

Photo of the Rise User
Posted 13 days ago
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Take Risks
Collaboration over Competition
Growth & Learning
Transparent & Candid
Customer-Centric
Social Impact Driven
Rapid Growth
Passion for Exploration
Dare to be Different
Reward & Recognition
Friends Outside of Work
Medical Insurance
Dental Insurance
Vision Insurance
Mental Health Resources
Life insurance
Disability Insurance
Health Savings Account (HSA)
Flexible Spending Account (FSA)
Conferences Stipend
Bias Training
Employee Resource Groups
401K Matching
Paternity Leave
Maternity Leave
Some Meals Provided
Social Gatherings

Join Google Public Sector as an AI/ML Engineer to support National Security customers with deploying and optimizing cutting-edge AI solutions.

Photo of the Rise User
Posted 7 days ago

Join OBXtek as a Network Engineer, IV, and contribute to enhancing innovative network systems at Brooke Army Medical Center.

Photo of the Rise User

Join Workday as a Principal Cybersecurity Engineer to innovate application security architectures and enhance AI security in a dynamic and collaborative environment.

buoy is the industry’s answer to unlocking more plasma supply.

8 jobs
MATCH
Calculating your matching score...
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
EMPLOYMENT TYPE
Full-time, remote
DATE POSTED
January 12, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!