At Tala, we see the world differently. We're driven by a fundamental belief in people and we work hard to prove their potential. As a Security Engineer, you will be tasked with improving the security of our platform that enables millions of customers to gain financial access and freedom across the globe.
Trust and security are fundamental to the success we've had in our current markets and will only become more important as we scale and launch even more markets. We take an approach to security that is data-driven and requires engineers with a mindset around measurement and principled decision making when it comes to risk. As a Security Engineer at Tala, you are passionate about finding security weaknesses and crafting scalable and usable solutions. You will provide expert advice and consultancy to internal customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigation. You will collaborate with engineering teams to drive product roadmaps by providing security requirements that map security controls to service features.
What you'll do:
* Implement information security controls and patterns that support risk assessments and the development of secure architectures
* Architect, deploy, configure, and maintain application security features of WAF and Bot detection technologies
* Work in conjunction with application development teams to tune and configure WAF rules and attack responses
* Use security tools and services to audit environment, detect issues, and coordinate remediation of issues
* Work in conjunction with DevOps team to automate and streamline the security processes and procedures
* Identify and implement policies and processes to ensure regulatory and PII compliance in all of our markets
* Evaluate and work with teams to recommend new and emerging security technologies for use inside and outside the security organization
* Helping engineers design more secure systems via design input or code review
* Be an advocate for customer trust
What you have:
* Expert experience working with AWS services such as GuardDuty, Key Management, Inspector, S3, CloudFormation, CloudWatch, Cloudtrail, AWS Config, EC2, VPC, IAM
* Strong understanding of PaaS/IaaS and software defined networking
* Strong understanding of cloud networking, operations, automation, and orchestration
* Strong proficiency in scripting (Perl, Python, etc.)
* Experience in threat modeling and risk identification.
* Experience in security vulnerability assessments and remediation techniques.
* Experience developing and delivering security software tools.
* Experience with security in service-oriented architectures and web services.
* Experience in penetration testing and exploitability-focused vulnerability assessment.
* Detailed knowledge of standards for authentication and authorization.
This Role Uniquely Offers:
* Responsible for securing our whole AWS/Cloud Operations
* Securing and automation of security practices across the world for Tala apps
* Ability to build an infrastructure that sits around the world
* Opportunity to go to our markets (Kenya, Philippines, Mexico, India)
We strongly believe that inclusion fosters innovation and we're proud to have a diverse team with a wide variety of backgrounds and experiences. We focus on hiring talented people regardless of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Tala is the leading mobile technology and data science company committed to financial inclusion globally. Millions of people have borrowed through Tala's smartphone app, which provides instant, personalized credit to underserved customers in East Africa, Southeast Asia, and Latin America. Tala is backed by leading venture and impact investors including PayPal, Revolution Growth, IVP, and Lowercase Capital. Tala is headquartered in Santa Monica with additional offices in Nairobi, Manila, Dar Es Salaam, Mexico City, and Bangalore.
Tala is a mobile technology and data science company that is revolutionizing financial services in emerging markets.