Entegral Lead Security Engineer- Remote

Entegral is a global team of individuals who collectively create a culture that strives to provide an inclusive environment where you can thrive. We offer an active community minded Diversity, Equity and Inclusion committee. We support our women through monthly employee resource groups. We believe in belonging through providing My Purpose, My Time paid time off to volunteer. We invest in your growth through dedicated Days of Development. We believe in people over process. We refine and challenge our agile mindset through various communities of practice. Your voice is important and we have a commitment to listen in our company wide town halls. We welcome you to join our team!

Powered by Enterprise Holdings, the world's largest car rental provider and operator of the Enterprise Rent-A-Car® brand, Entegral is a business-to-business solution that enhances the customer experience from the moment after an accident to the completion of the claim.

Enterprise Holdings Inc. , a recognized leader in the automotive and insurance replacement industries, launched Entegral. Enterprise Holdings operates - through an integrated global network of independent regional subsidiaries and franchises - Enterprise Rent-A-Car , as well as the Alamo Rent A Car and National Car Rental brands, in more than 10,000 fully staffed neighborhood and airport locations in 100 countries and territories.

Entegral is a remote first organization with remote and onsite employees aligned to flexible teams from office locations in California , Missouri , Wisconsin and the United Kingdom . Residents of the following United States are invited to apply for remote work opportunities as these are the locations Entegral has business licenses; AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, TN, TX, VA, WA and WI with flexible options available for candidates local to primary office locations.

Our team is seeking a motivated, adaptable, hard working teammate and talented career-minded professional who would like to make a difference utilizing their skill set, while working in a thriving agile-methodology environment. We offer competitive career opportunities, great benefits and promote a work-life balance. We are diverse. We are equitable. We are inclusive. Entegral is promoting an inclusive and equitable company culture. We work to ensure that our products meet the needs of all of our customers. Our products reflect the diversity of our team.


Be part of a team where you will lead operational and strategic activities in our dynamic IT environment. In addition, you will lead project planning, provide technical leadership and will work within your own area, as well as across functional teams. A key aspect of the role is to emulate real-world attacks, providing a critical component of Entegral "Assume Breach" strategy and ensuring readiness against, ransomware determined adversaries and targeted attacks against Entegral's digital-customer landscape. You will be responsible to create a threat model framework, maintain up-to-date Security Threat Profiles and assist in remediating gaps and address zero-day remediations. Your threat Intelligence exercises will provide a level of assurance that the system and environment are appropriately configured to resist attack and that the threat profiles are measuring dependent as well as specific systems. The Lead Software Security Engineer will be responsible for integrating and architecting Security tools and automation, creating a cohesive vision across the platform in our shift-left journey. In this role you will create a baseline profile of the target, with the mission to hijack Command and Control from the distributed system. You will routinely collaborate with Architects and contribute to the development of strategic planning for the department as well as communicate clear, concise strategic vision. When leading projects, you will be responsible for holding yourself and others accountable for detail-orientation and will be required to deliver well-tested, secure, interoperable technologies that support company vision and strategy.
You must be able to maintain effective relationships with all levels of company management, as well as with internal and external customers. You will also be required to establish and monitor key performance metrics to ensure compliance of established standards, processes and procedures. As a Lead Engineer, you must actively coach, mentor and teach others as well as use influence, expertise and leadership to support other teams as they implement technology solutions.

● Lead out defining our threat landscape opportunities and threat vectors as it relates to ransomware, lateral movement and the recovery model
● Work tightly with our BCP/DR Office to validate recovery methods, processes and procedures and their vulnerabilities
● Lead out the Security Office strategy around BCP requirements based on threats and security intelligence
● Lead out Forensic and Cyber Security investigation

● Emphasis will be placed on strategic visioning such as overall design, introducing new technologies, improved metrics, and process improvements as well as tactical that includes developing and reviewing code
● Lead designs of software components and features
● Be part of the full application lifecycle (design, develop, test, deploy and maintain), innovating in each step
● Developing the team using your experiences, at the same time developing yourself by learning from the team experiences
● Analyze and improve efficiency, scalability and stability of applications while delivering impactful business value
● Experience with various design and architectural patterns
● Persuasive, collaborative business acumen with the ability to strategically drive business partners
● Strong communication skills both written and verbal
● Initiative, results-oriented drive and a solid work ethic requiring minimal direction
● Effective analytical, problem-solving and decision-making skills
● Share responsibility with your teammates for occasional after-hours on-call rotation for support of production level systems
● Significant individual contributor performing application design and coding while considering all aspects of security
● Work with OpsEng, Enablement and other Software Development Engineers to assist in providing the tools necessary to analyze and resolve any security related opportunities within a SaaS platform
● Work across product roadmap initiatives to help product teams to understand how new features could impact our overall security posture
● Work in active partnership with development teams during operational security reviews providing leadership and security design guidance
● Analyzing threats and current security controls to identify gaps in current defensive posture.
● Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats.
● Ensure that operational, security incident trends and observations are considered with regard to the evolution of the Platform's information security services and capabilities.
● Work with various design and architectural patterns to incorporate security best practices
● Design, develop, execute, and maintain complex automated test code, scripts, data, and associated drivers per recognized SDLC methodology.
● Share responsibility with your teammates for occasional after-hours on-call rotation for support of related security incidents

Equal Opportunity Employer/Disability/Veterans



● Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
● Must be at least 18 years of age
● Minimum, high school diploma or GED
● For flexible or full remote work from home positions, reliable high speed Internet connection and dedicated work space are required
● Must be located in AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, TN, TX, VA, WA or WI
● 5+ years of professional experience in application design and development at an enterprise level
● 5+ years' experience in performing Threat model exercises, reporting, threat graphs and zero-day remediations
● 5+ years of experience working with developers in remediating code defects
● 5+ years of experience in Threat profiling
● 5+ years of experience Threat modeling and ethical hacking against a large, distributed environment
● 5+ years' experience in a Cloud paradigm, AWS, GCP, Azure
● 4+ years of experience designing and developing in a microservices environment
● 10+ years of technology relevant work experience
● 8+ years of experience in SQL or NoSQL DB structures, experience with DB migration scripts (SQL Server, MySQL, Mongo)
● 6+ years of experience with various design and architectural patterns
● 6+ years of experience architecting and developing large complex applications
● 5+ years of experience in responding to all levels of security incidents in a SOC
● 5+ years of experience in working with network security (penetration testing,
VPN, BYOD, IoT, etc)
● 5+ years' experience with multiple cloud providers and their native tools (IAM,
security, vulnerability management, etc)
● Experience in an Agile (Scrum or KANBAN) working environment

● Bachelor's Degree in computer science, Computer Information Systems,
Management Information Systems, or related field of study.
● 3+ years working with Okta or Azure identity management Systems
● Experience creating applications in cloud-based and cloud +native development environments (ex. Azure, AWS, Google, Kubernetes)
● Experience utilizing third party identity providers for internal products (Auth0, Okta, JumpCloud, RSA)
● Experience in cloud native computing (Docker, Kubernetes)
● Experience developing software in a SaaS environment using CI/CD and DevOps methodology
● Current CISSP, CCSP, CCSK, SSAP, CISCS, or CRISC Certifications
● Experience with SOC audits and remediations related to endpoint security and application security
● Experience creating applications in cloud-based and cloud native development environments (ex. Azure, AWS, Google, Kubernetes)
● Experience creating and consuming Restful and/or SOAP API's
● Experience developing software in a SaaS environment using CI/CD and DevOps methodology
● Automated test development and execution (for example, REST-assured, Selenium, etc)
● Experience working on applications that leverage Service Oriented Architecture (SOA)
● Experience designing and developing in a micro-service environment

Qualified candidates should also possess:
● Demonstrated ability and examples of keeping current on technology trends
● Excellent communication and collaboration skills
● Experience leveraging your influence to drive results at a team and product level
● Examples of promoting innovative changes at a team or department level
● Experience leading initiatives or teams from a technical perspective
● Experience mentoring less experienced engineers

● Understanding of the shift-left architecture, design and sustainability design methodology