logo inner

Sr Cybersecurity Engineer

Stori CardOnsite

About Stori


Stori is a fast-growing, venture-backed financial technology company, on a mission to democratize credit access for 400 million underbanked LatAm consumers. Stori currently operates in Mexico and has a global team with offices in Arlington Virginia, Mexico City, and Asia. We have quickly made our mark as one of the top digital banks in Mexico with more than two million applicants for our credit card product since launching.Stori is one of the top-funded startups in the region with US$250 million raised to date.

We are backed by top global venture capital funds, such as GGV Capital, GIC, Lightspeed Venture Partners, General Catalyst, Goodwater Capital, Mexico’s Tresalia Capital, Vision Plus Capital, BAI Capital and Source Code Capital; who have successfully invested in startups such as Affirm, Airbnb, Alibaba, Stripe, and TikTok.Stori has a standout founder team among fintechs, leveraging 100+ years of accumulated experience in consumer finance, banking and technology across Mastercard, Intel, Capital One, Morgan Stanley, GE Capital, and HSBC in the U.S., Mexico and Asia. The team has launched and managed many multi-million-customer credit card products globally, providing a wide breadth of experience and knowledge to our team.We welcome diversity of background, experience and thinking.

Storians are passionate about our mission and take pride in the products we build. Our culture thrives off of a flat structure and an inclusive environment where all of our employees can be their authentic selves, with boundless opportunities for professional growth.

The Role:


As a Sr Cyber Security Engineer, you will be responsible for safeguarding an organization's computer networks and systems. You will utilize your expertise in cybersecurity principles, practices, and tools to protect sensitive data, prevent unauthorized access, mitigate potential security threats, and monitoring. Your role will involve designing, implementing, and maintaining security measures to ensure the confidentiality, integrity, and availability of information assets.

Main responsibilities:


  • Identify vulnerabilities and weaknesses that could be exploited by attackers.
  • Help develop and implement security policies, protocols, and procedures.
  • Conduct regular security assessments, vulnerability scans, and penetration testing.
  • Prepare and present reports on security status and incidents to management.
  • Stay current with the latest security trends, threats, and technology solutions.
  • Understands, reviews, and interprets vulnerability assessment and scanning results, reduce false positive findings, and act as security advisor to business unit partners.
  • Creates detailed risk assessment reports which explain identified technical and logical security findings, describes potential business risks, and presents prioritized recommendations.
  • Develop and maintain documentation for security processes and compliance requirements.
  • Contributes to the ongoing enhancement of the company's security assessment capabilities through the development and implementation of improved methodology, processes, infrastructure, tools, and deliverables.
  • Maintains knowledge with current emerging technologies and advancements within Cybersecurity.
  • Provides expertise and solutions for others as a subject matter expert.
  • Monitor and enforce guidelines for best practices in security and compliance.
  • Orchestrate daily compliance requirements and tasks as required.
  • Review and respond to escalated security events.
  • Proactively hunting for vulnerabilities and threats within our environment.
  • Maintain knowledge of adversary tactics, techniques, and procedures (TTP).
  • Provide timely and relevant updates to appropriate stakeholders and decision makers.
  • Monitor and analyze security systems to detect and respond to security incidents.
  • Investigate security breaches and other security-related incidents.

    • What we are looking for:


    • Experience:
    • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. 
    • 2-3+ years of hands-on experience with the design, implementation, and operation of enterprise vulnerability management.
    • 2-3+ years experience supporting diverse IT systems, processes, or capabilities in large organizations
    • 2-3+ years of solid understanding of industry best practices for hands on, security vulnerability remediation.
    • 2-3+ years of experience in incident response and/or computer forensics. Extensive experience within an enterprise scale organization; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector 
    • 2-3+ years with SolarWinds (or other, similar tools) running in an enterprise environment.
    • Extensive experience with core vulnerability management scanners (e.g. Qualys, Tenable etc.).
    • Strong knowledge of OWASP Top 10 and the ability to articulate application security risks and determine threat level.
    • Technical understanding of a range of enterprise (on-premise) IT and cloud-based architectures and technologies such as networking, server infrastructure, operating systems, web applications and databases.

    • Skills and attitudes
    • An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, spidering, application flow charting, and session analysis
    • Technical understanding of current cybersecurity threats and trends
    • Knowledge and experience with the Windows and Linux operating systems
    • Ability to correlate data from multiple data sources to create a more accurate picture of cyber threats and vulnerabilities.
    • Ability to research, analyze data, and derive facts.
    • Familiarity with automated tools used to discover system and web application vulnerabilities such as Nessus, Nmap, Qualys, R7 etc.…
    • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) or Open Web Application Security Project (OWASP) Risk Rating Methodology
    • Strong technical skills related to at least one of the following areas: Information Security, Incident Response, Network Security, Windows Security, UNIX/Linux Security, and Web application Security.
    • Able to multitask, prioritize, and resolve multiple inquiries at once.
    • Excellent communication (oral and written), interpersonal, organizational, and presentation skills.
    • Strong work ethic and self-motivation.
    • Ability to work independently, be creative, results-oriented, and adaptable, and have strong written and verbal communication skills.

    • Bonus Points:
    • Preferred certifications: Net+, Security+, OSCP, CEH, CISSP, GIAC (GSEC, GEVA, GPEN etc.)

    What we offer


    • Make a positive impact on the lives of our customers via financial inclusion
    • Professional development opportunities 
    • International exposure & work experience
    • Company swag
    • Legally required benefits

    Life at Stori Card

    Desafiamos el estatus quo al hacer lo que los demás no se atreven, darle a la población financieramente desatendida los productos financieros que necesitan. Sin anualidad, sin historial crediticio. 100% aprobación garantizada con Stori o Stori con Garantía si tus datos son correctos. Experiencia y control Digital TOTAL. Maneja todo desde tu celular: - Solicítala en minutos desde tu app - Sin sucursales - Notificaciones en tiempo real - Movimientos - Categorización de gastos - Edo de cuenta fácil de obtener Nos esforzamos para crear la nueva generación de productos y servicios bancarios accesibles y fáciles de usar para hacer tu vida más sencilla. Damos todo de nosotros para empoderar a nuestros clientes y darles las herramientas necesarias para mejorar sus vidas y alcanzar sus sueños y metas.
    Thrive Here & What We Value• Welcome diversity of background, experience, and thinking• Promote from within• International exposure & work experience• Professional development opportunities• Competitive salaries with strong Stock Option package• Health, dental, and vision insurance• Paid time off• Flexible schedule including remote work• 401(k)• Health Savings Account• FSA• Commuter Benefits• Short and Long Term Disability• Life Insurance• Employee Assistance Program• Onsite gym• Casual dress code• Company outings</s>
    View more
    Your tracker settings

    We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

    By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

    logo innerThatStartupJob
    Discover the best startup and their job positions, all in one place.
    Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
    AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
    Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
    CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
    Copyright © 2024