Security Engineer

About the Company

Cover Genius is a Series E Insurtech that protects the global customers of the world's largest digital companies including Booking Holdings, owner of Priceline, Kayak and , Intuit, Hopper, Skyscanner, Ryanair, Turkish Airlines, Descartes ShipRush, Zip and SeatGeek. We're also available at Amazon, Flipkart, eBay, Wayfair and SE Asia's largest company, Shopee.

Our partners integrate with XCover, our award-winning insurance distribution platform, to embed protection for millions of customers worldwide each year. Our team and products have been recognized sed with dozens of awards including by the Financial Times who ranked Cover Genius as the #1 fastest growing company in APAC in 2020. Our diverse team across 20+ countries and many language groups commits itself to diverse cultural programs, in particular "CG Gives" which makes social entrepreneurs out of us all and funds development initiatives in global communities.

Our People are Bold, Authentic, Purposeful and Inspired  

Our People are not Perfect, Traditional, Complacent or Cautious 

About the Role

As a Security Engineer in our Security & IT Operations Team, you will play a pivotal role in securing the platform that protects the customers of the world's largest digital brands. You will drive proactive improvements in our security posture and detect and respond to threats across our applications, platforms, devices and workforce. 

To drive success in this role, you will have a background in application or devops engineering with a passion for security and excellent problem solving skills. 

As a Security Engineer, you will work closely with Infrastructure and IT Engineers to safeguard our critical systems and devices. You will collaborate with product engineering teams to build security into our products from the ground up, ensuring that we can innovate with speed and confidence. Your work will be crucial in maintaining the trust of our partners and customers, directly contributing to the company's continued success and growth.

Key Responsibilities

• Secure our Applications: Collaborate with infrastructure and product engineering teams to integrate security tools and processes seamlessly into the CI/CD pipeline (e.g., SAST, DAST, dependency and secret scanning). Act as a security consultant for product engineering teams, providing guidance on secure coding practices (e.g. OWASP Top 10), threat modeling, and secure architecture design.  

• Secure our Platform: Develop and enforce cloud security policies, standards, and best practices for infrastructure, networking, and data protection, leveraging industry frameworks and benchmarks.

• Secure our Workforce: Work with our IT engineers to ensure that employee devices, identities and SaaS applications are secured, compliant and fit for purpose.

• Threat Detection & Response: Configure, manage, and tune security monitoring and alerting systems (e.g. SIEM, CSPM, CWPP) to effectively detect threats. Investigate, and respond to security incidents including on-call duties for critical incidents.

• Third Party Risk Management:  Conduct thorough assessments of new and existing IT vendors, including reviewing their certifications and processes to ensure that they comply with our security requirements and best practices. Provide responses to  due diligence questionnaires submitted by our current/prospective partners.

• Governance, Risk & Compliance: Assist in gathering evidence and generating reports for internal and external audits, including SOC2 and PCI-DSS, ensuring our controls are well-documented and effective. Coordinate regular vulnerability assessments, penetration tests and access reviews on cloud infrastructure and applications, working collaboratively with asset owners on remediation strategies and risk acceptance.

Skills & Experience:

What you will bring:

• Experience: At least 1 year of hands-on experience in a Security Engineering, Application Security, or DevSecOps role. Prior experience in a Software Engineering or DevOps role is desirable.

• Application Security Expertise: Understanding of common application vulnerabilities (OWASP Top 10), secure coding principles, and the software development lifecycle (SDLC). Hands-on experience with application security tools (SAST, DAST, SCA) is essential.

• Cloud Security Proficiency: Experience using public cloud environments (AWS and GCP preferred). Ideally with understanding of cloud security concepts, including IAM, network security, and native security services.  

• Infrastructure as Code (IaC) Proficiency: Demonstrated proficiency in automating infrastructure and security controls using Terraform (preferred) or other IaC tooling.

• Container & Kubernetes Security: Familiarity with container technologies (Docker, Kubernetes) and the tools and techniques used to secure containerized applications and orchestration platforms. 

• Scripting & Automation: Scripting skills in a language such as Python, PowerShell, or Bash for automating security tasks, parsing data, and interacting with APIs to integrate security systems.

• Endpoint Management & Security: Basic familiarity with managing and securing corporate endpoints using modern EDR & MDM tooling.

• Bachelor Degree in Information Technology, Computer Science, Information Security, or equivalent practical experience

What you will have:

• Analytical Mindset & Problem-Solving: You dissect complex security challenges, from architectural flaws to incident forensics, with a deep-seated curiosity and an exceptional attention to detail. You don't just fix symptoms; you identify and eradicate root causes to build more resilient systems

• Developer Empathy & Pragmatism: You excel at translating security requirements into actionable guidance for engineers. You understand the need to balance security with product velocity and can build strong, collaborative relationships..  

• Proactive & Curious: You are a self-motivated learner driven to stay ahead of the curve, actively researching emerging application threats and new security technologies. You challenge assumptions and advocate for necessary improvements

• Clear Communication: You can clearly articulate complex technical risks and concepts to both technical and non-technical stakeholders, fostering a culture of shared security responsibility.

Why Cover Genius?  

Cover Genius not only cares about being the best in our industry, we care about our team. We're a business that understands life can be fluid and so we flex to ensure we provide the environment to suit that. What does that mean?  

• Flexible Work Environment - Our teams are hybrid. We work from home on Wednesdays and Thursday and collaborate in office on Monday, Tuesday and Friday with flexibility around start/finish times. With the added benefit of a Wellness day a month

• Employee Stock Options - we want our people to share in our success, we reward them with ownership for their contribution in creating a world-class company.

• Work with like-minded people who are passionate about both the work we're doing and giving back. Our CG Gives programs enables us to all become philanthropists through our peer recognition and rewards system.

• Social Initiatives - pictures speak a thousand words

Sound interesting? If you think you have the best composition of the above, send us your resume and let's chat

* Cover Genius promotes diversity and inclusivity. We don't tolerate discrimination, demeaning treatment of anyone, or harassment due to race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or any other legally protected status.

By submitting your application, you acknowledge that we may collect, store and process your personal data for recruitment purposes. To ensure a fair evaluation, we may use AI to assist in sorting applications, but all final decisions are made by our hiring team and no candidate dispositions are automated. We will keep your information on file for three years from the date of your application.  For detailed information about how we handle your data and our use of AI, please review our full Privacy Policy.