Job Description

Who is Interactions?

Interactions, LLC is the world\xe2\x80\x99s largest independent AI company. We operate at the intersection of customer experience and AI \xe2\x80\x93 two of today\xe2\x80\x99s most innovative and dynamic industries. Since 2004, we\xe2\x80\x99ve helped leading companies like MetLife, Citi, and Shutterfly have millions of successful conversations, resulting in saving operational cost and increasing productivity.

Interactions\xe2\x80\x99 5-year vision is to accelerate a transition from today\xe2\x80\x99s frustrating and uninspired customer service experiences into amazing conversational engagements! Allowing customers to communicate in their own words and on their channel of choice, to accomplish tasks, all without having to go through an agent. In doing this via our conversational AI engine, our customers benefit from dramatically improved customer experience and increased customer engagement, while also saving significant and demonstrable operational expenses.


As a member of the Corporate team, you will be a part of the backbone of a company that builds and brings to market artificial intelligence technologies, including natural language processing and cognitive computing. You will build best practices that will serve internal (and sometimes external) customers and business partners.
The Senior Security Engineer plays a key role in building out security features on a number of Interactions products, both internal and externally facing.

The Senior Security Engineer will work on a team with other developers to ensure code and data security for all products building security features, addressing defects, performing code reviews, interfacing with stakeholders, and other aspects of the software development life cycle.

Job Functions:
Identify weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate
protected, sensitive and confidential company information and data
Conduct Static Application Security Test (SAST) and Dynamic Application Security Test (DAST) using
VeraCode
Work within the DevSecOps model to secure Containers, Pipelines
Perform Vulnerability scans on container environments
Develop, test, and maintain containerized applications security
Troubleshoot any connectivity or operational issues
Ensure security requirements are implemented within various stages of the system development lifecycle
process; work closely with development teams to pen test new features within internally developed
applications
Validate and address vulnerability / threat findings from static and dynamic analysis tools
Characterizes threats and provides recommendations for remediation; manages remediation efforts to completion
Develops and presents finding and remediation reports to audiences including team members from all
department areas and levels of the company
Perform security reviews of software designs and assist developers to ensure quality and robustness of our
internal products
Conduct security assessments against web applications and APIs across a variety of technology stacks
Drive improvements in the security testing practice to include execution methodology and metrics
Partner effectively with development and infrastructure teams to integrate security
Design computer security strategy and engineer comprehensive security architecture.
Develop, execute and track the performance of security measures to protect information and network infrastructure and computer systems
Identify, define and document system security requirements and recommend solutions to management.
Configure, troubleshoot and maintain security infrastructure software and hardware.
Install software that monitors systems and networks for security breaches and intrusions
Evaluate current technologies in use and bring new technical ideas, in keeping with latest industry trends, to
fruition by prototyping and then incorporating it into the Platform.
Participate in daily Scrum activities to closely monitor work against schedules and deliverables, providing
progress updates and reporting any issues or technical difficulties.
Triage and address customer issues
Familiarity with agile best practices and automated CICD
Embrace disruption and challenge the status quo

Required Skills:
Minimum 8+ years of professional experience in application security, penetration testing, security assessment, secure software development or related field

Extensive knowledge with dynamic scanners like Checkmark, White head Palo Alto Prisma or VeraCode

Extensive knowledge of the OWASP- Top 10 (Open Web Application Security Project )

Experience with vulnerability risk and impact assessment

Experience integrating security/API (REST API) capabilities in cloud and application lifecycle management platforms

Extensive knowledge of the secure development lifecycle

Extensive knowledge with static analysis tools and flaw triage such as HP Fortify, IBM Rational, Veracode or Coverity, Find Bugs, Find Security Bugs, Brakeman and Open Source scanning tools such as Sona type CLM

Extensive knowledge with vulnerability scanners like Qualys and Tenable

Drive awareness and knowledge of security in developers

Why Work at Interactions?

We\'ve created a culture of people who are dedicated to helping each other and the company succeed. We take time to celebrate wins and recognize accomplishments. Whether it\xe2\x80\x99s a seasonal event or friendly competition, we\xe2\x80\x99re always thinking of new ways to have fun.

Our team\'s health and well-being is important to us. In addition to a full suite of benefits, we offer 5 weeks of time off with pay, 401k matching, paid parental leave and flexible work schedules. We are all committed to the company\xe2\x80\x99s success by being valued shareowners and are incentivized through individual performance and company results. Come join us!

Interactions is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, marital status, age, disability or protected veteran status, or any other characteristic protected by law.