Lead Information Security Engineer
Location: Denver, CO or Remote
This person reports to: CTO
Who We Are:
Aspenware empowers mountain resorts and ski areas to deliver the ideal digital guest experience. Our guest-facing ecommerce and registration software is the most capable in the industry and is used by millions of skiers worldwide to process hundreds of millions of dollars in annual sales. The resorts we work with trust the innovation and thought leadership that Aspenware provides, and they leverage the operational advantages of our platform to grow their businesses.
We are a talented and high-performing team and welcome the opportunity to learn from one another.
Aspenware makes hiring decisions based on how well candidates align with our Core Values. Aspenware employees are…
Dependable: We take ownership. We are accountable and adaptable. We have a can-do attitude and are willing to pivot.
Innovative: We are thought leaders who bring creativity and a desire for innovation to everything we do. We are continually improving ourselves and our surroundings.
Talented: We are smart and good at what we do. We are focused, confident, and we get stuff done using a combination of our abilities and resourcefulness.
Caring: We care about our co-workers and our clients. We are mindful of and inspired by the impact our work has on our communities.
What You Will Do:
The Lead Information Security Engineer will be responsible for the security of Aspenware’s operational enterprise and will partner with engineering teams to improve the security of our products and cloud environments. You will manage Aspenware’s security operations, IT vendor relationships, and efforts to mitigate existing and emerging cybersecurity threats. You will assess, prioritize, and remediate security risks to improve Aspenware’s overall cybersecurity posture.
This is a key role at Aspenware and reports directly to the Chief Technology Officer. You will work closely with the CTO, other engineering leaders, and business stakeholders to represent the security needs of our platform.
You Should:
- Take ownership of the security of the Aspenware enterprise
- Partner with engineering teams to help ensure the security of our products, cloud infrastructure, and technical platform
- Understand key security attack vectors and protect Aspenware from malicious actors who wish to abuse our platforms
- Effectively identify and contain security incidents, communicating both suspected and confirmed incidents to business leaders
- Perform in-depth investigations when the suspicion of a threat emerges
- Ensure compliance and meet disclosure obligations
- Develop mitigation and remediation plans to address critical risks
- Identify opportunities to improve existing security processes, policies, and tooling
- Help cultivate and foster a culture of security across the entire organization by driving awareness and promoting a cohesive narrative around security
- Develop and document network security reference architectures, design patterns, roadmaps, and other architectural artifacts aligned with policies, standards and industry best practices
- Work closely with our DevOps team to manage cloud security in Azure:
  - Evaluate Azure cloud and hybrid security services, tools, and appliances in the areas of (but not limited to): intrusion detection, intrusion prevention, packet capture, and quarantine
  - Assess network/cloud security posture and recommend modifications for enhancements, improvements, and mitigations
  - Collaborate with enterprise partners and incident response teams regarding requirements and deployment of security services, tools, and appliances
- Manage security vendor relationships with respect to security requirements and technical support
- Work internally and with external vendors to provide oversight for computers, devices, and networks in a remote work environment
Who You Are:
You are passionate about cybersecurity and have a track record in improving the security posture of software engineering organizations. You take pride in staying on top of and ahead of information security techniques, standards, and trends. You are a lifelong learner who is constantly educating and challenging yourself to stay ahead of the cybersecurity curve.
You Ideally Have:
- 4+ years of experience in a cybersecurity role within a software development organization
- 8+ years in technical roles – as a software engineer, information security analyst or similar
- Master’s or bachelor’s degree in Information Systems with a focus in cybersecurity or equivalent experience or certifications
- Experience with NIST CSF, ISO27001, PCI, or similar standards/certifications
- Ownership over a past organization’s pursuit of security certifications
- Experience with OWASP or similar standards. Familiarity with DevSecOps
- Experience with security management for SaaS software organizations
- Direct experience with cloud security
- Hands-on experience establishing and configuring security controls for Microsoft Azure and Microsoft 365 components
- Understanding of DDoS and other infrastructure threats at the edge
- Strong understanding of security as it relates to CDN, API management, and load balancing technologies
- Strong understanding of Azure monitoring capabilities
What’s In It for You:
- 4 weeks of PTO to start, increasing with seniority
- 8 paid holidays
- 6 days of sick time
- Paid parental leave for both primary and secondary parents
- Medical, dental, and vision insurance
- Life insurance
- 401k plan with a 5% match
- Annual all-company ski day
- Seasonal Ski Pass – Ikon Pass
- National Park Pass for the entirety of your employment
- Annual Wellness Stipend
- Flexible work environment – work from home or the office!
Salary: the salary range for this position is $130,000.00 – $150,000.00
In accordance with the Colorado Equal Pay for Equal Work Act, the approximate salary range is listed above. The actual offer will be determined by various factors including experience, skills, and internal equity among our team.
Aspenware provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.