What we're building and why we're building it. There's a reason Fetch is ranked top 10 in Shopping in the App Store. Every day, millions of people earn Fetch Points buying brands they love. From the grocery aisle to the drive-through, Fetch makes saving money fun. We're more than just a build-first tech unicorn. We're a revolutionary shopping platform where brands and consumers come together for a loyalty-driving, points-exploding, money-saving party.
Join a fast-growing, founder-led technology company that's still only in its early innings. Ranked one of America's Best Startup Employers by Forbes two years in a row, Fetch is building a people-first culture rooted in trust and accountability. How do we do it? By empowering employees to think big, challenge ideas, and find new ways to bring the fun to Fetch. So what are you waiting for? Apply to join our rocketship today!
Fetch is an equal employment opportunity employer. In this role, you can expect to: Ensure that stakeholder security requirements necessary to protect the organization's mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.Be technical. You will dive into the details of issues, identify gaps in solutions, debate technical approaches, weigh technology tradeoffs, perform analysis, and build software. You will be expected to gain a technical understanding of the Fetch Rewards app, our internal systems, and our software development lifecycle.Execute initiatives. You will lead and drive elements of the company's security strategy, including the development or revision and execution of applicable policies, procedures, and employee training programs to support that strategy according to industry best practices.Take responsibility. You will be responsible for coordinating incident response and managing post-incident actions for information security events.Effectively communicate with external and internal stakeholders on information security topics ranging from audit results, responding to information security questionnaires, information security policies and procedures, and adherence to industry best practices and recommendations as a result of risk analysis. You will clearly articulate risks, business impacts, and technical constraints tailored to the audience (i.e., from engineers to executives).Collaborate. You will partner across multiple internal teams help stakeholders meet their goals in a secure way and help identify mitigating controls.Balance priorities. You will triage multiple initiatives, make judgment calls, and tackle the right problems at the right time.Get your hands on problems and learn.You are a good fit if you: 7+ years experience in system engineering, network engineering, cybersecurity, information security, or Unix/Linux administration3+ years experience with Cloud infrastructure and tooling (preference for AWS experience)Bachelors in Computer Science or equivalent experienceDevelop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple data classification levelsDocument and address the organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycleEnsure that acquired or developed system(s) and architecture(s) are consistent with the organization's cybersecurity architecture guidelinesPerform security reviews, identify gaps in security architecture, and develop security risk management/mitigation plansDefine and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment (T0268)Evaluate security architectures and designs to determine the adequacy of security design and architecture. Collaborate with DevOps teams and developers to develop or implement solutionsExperience in DevSecOps and working with developers to advance the goals of an information security programExperience in obtaining PCI DSS and SOC 2 certificationsHave a risk-driven mindset that can balance the needs for speed, creativity, and safetyEffectively identify needs, design solutions, establish plans, and execute themPossess technical foundations in identity and access management, cloud infrastructure security, and security in generalExceptional understanding of computer networking, network security, internet protocols, TLS/SSL, encryption standards, firewalls, monitoring, distributed applications, and data processing systemsYou have an edge if you: Developed and delivered security initiatives, such as building authentication/authorization systems, implementing vulnerability management solutions, obtaining PCI DSS or SOC 2 certification, etc. This includes defining scope, driving consensus on the technical design, building project plans, proactively identifying and managing risks, and getting the job done.Have expertise in data privacy, security compliance, and distributed systems security.Possesses experience in the operations of highly available and scalable internet systems with large customer bases.Demonstrate the ability to deliver on initiatives in a matrix-style, geographically distributed, and fast-paced startup environment.CISSP, CISM or CCSP certifications.Masters in Computer Science or equivalent experience.At Fetch, we'll give you the tools to feel healthy, happy and secure through: Equity for everyone401k Match: Dollar-for-dollar match up to 4%.Benefits for humans and pets: We offer comprehensive medical, dental and vision plans for everyone including your pets.Continuing Education: Fetch provides ten Thousand per year in education reimbursement.Employee Resource Groups: Take part in employee-led groups that are centered around fostering a diverse and inclusive workplace through events, dialogue and advocacy. The ERGs participate in our Inclusion Council with members of executive leadership.Paid Time Off: On top of our flexible PTO, Fetch observes 9 paid holidays, including Juneteenth and Indigenous People's Day, as well as our year-end week-long break. Robust Leave Policies: 20 weeks of paid parental leave for primary caregivers, 14 weeks for secondary caregivers, and a flexible return to work schedule. $2000 baby bonus. Hybrid Work Environment: Collaborate with your team in one of our stunning offices in Madison, Birmingham, or Chicago. We'll ensure you are equally equipped with the hardware and software you need to get your job done in the comfort of your home.
