Security Specialist

About Flinks 🚀

Flinks is driven by the belief that data should belong to the consumers. 

We enable the open, consent-based exchange of financial data while empowering businesses to connect their consumers with the services they want. Flinks connects to over 250 million financial accounts, and is trusted by hundreds of world-class companies. Flinks helps them to digitize their processes, improve their user experience, and reduce delinquency.

About the role 🤝

We are on the hunt for a proactive and skilled Security Specialist with a strong blue team orientation to join our dynamic Cybersecurity team. In this critical role, you'll be the guardian of our security landscape, focusing on defending our systems, particularly our financial data, against a myriad of cyber threats.

Your day-to-day responsibilities will be diverse and impactful, involving close collaboration with teams across the entire organization. You'll be the linchpin in developing, implementing, and refining security safeguards and countermeasures tailored to our unique environment.

What you’ll be doing 🔥

As a Security Specialist your role is pivotal in maintaining and enhancing our cybersecurity posture. Here's a glimpse into your diverse and dynamic responsibilities:

• Cybersecurity Initiatives: Actively participate in cybersecurity initiatives, training sessions, audits, and other compliance-related activities.
• Team Collaboration: Work closely with the infrastructure team to ensure our service environment's security, functioning as a key security consultant for all teams.
• Incident Response: Respond promptly to incidents and alerts from our comprehensive suite of security tools, including an on-call rotation.
• Threat Hunting and Analysis: Engage in proactive threat hunting using our anomaly-based container runtime security solutions and EDR. Conduct thorough threat intelligence analysis to identify attack indicators and indicators of compromise.
• Security Awareness Training: Develop and implement engaging phishing campaigns and training to enhance organizational security awareness.
• Vulnerability Management: Identify, manage, and escalate vulnerabilities, ensuring effective mitigation strategies are in place for CI/CD Security, Penetration Test Reports, and more.
• Dark Web Monitoring: Continuously improve and respond to findings from Dark Web monitoring efforts.
• HackerOne Program Management: Assess, replicate, manage, and validate security submissions within our HackerOne program.
• Dynamic Application Security Testing (DAST): Manage our  dynamic scans with each release and analyze outputs.
• Security Consultation: Serve as a go-to consultant for developers regarding the security of internal features or services, and recommend improvements.
• External Penetration Testing: Oversee annual external penetration tests to ensure comprehensive security evaluations.
• Pipeline Security: Oversee NuGet Scanner and SonarQube operations within our pipelines, ensuring high and critical findings are addressed and outdated components are eliminated.

Who You Are 🌟

• Passionate Technologist: You thrive on diving deep into the world of cybersecurity. It's not just a task for you; it's your passion. You're someone who doesn't shy away from getting your hands dirty in the technical aspects of security.
• Experienced and Knowledgeable: With at least 2 years of experience in a cybersecurity role, preferably focusing on blue team operations, you bring a wealth of knowledge to the table. Your expertise isn't limited to traditional security measures; you understand that effective security encompasses a broad spectrum of practices.
• You have a strong grasp of Vulnerability Management, Data Loss Prevention, Dark Web Monitoring, Endpoint Protection, and are well-versed in SIEM/SOC technologies.
• Analytical and Insightful: Your ability to analyze complex security data is unparalleled. You're adept at identifying underlying patterns and making quick, informed decisions based on your analysis.
• Team-Oriented Communicator: You excel in a team environment, capable of seamless collaboration with both technical and non-technical stakeholders. Your communication skills are top-notch, allowing you to articulate complex security concepts clearly and persuasively.
• Bonus Skills: If you have hands-on experience with Penetration Testing and Web Application scanning, it’s a significant bonus! These skills add tremendous value to your profile.
• Certification and Continuous Learning: Professional cybersecurity certifications, such as CISSP or CEH, are highly regarded, though not mandatory. Your commitment to continuous learning, keeping abreast of the latest threats and technological advancements in cybersecurity, sets you apart.
• Problem Solver: You are not just a problem identifier, but a problem solver. Your proactive approach to identifying potential security issues is matched by your dedication to developing and implementing innovative solutions.

The Interview Process 🏗

• People Ops Manager
• Director, Cybersecurity
• Meet the team

If we’ve piqued your curiosity, you can check out our Constitution to find out more about Flinks’ origins, values and culture.