Security Engineer I
Paychex · Webster, NY | Tempe, AZ | Cincinnati, OH · Information Technology
Overview
The Product Security Engineer I is responsible for collaborating in the evaluation and utilization of diverse security technologies and tools, while participating in threat and vulnerability management to assess risks and guide remediation efforts with both internal and external partners. This role involves performing manual penetration testing, threat modeling, and security design reviews, actively engaging with development teams to ensure compliance with security regulatory requirements, and assisting in developing security training materials. Additionally, the engineer maintains security documentation, fosters communication with partners, and pursues ongoing professional development to stay updated on technological trends and security best practices.
Responsibilities
Security Technology Evaluation
• Collaborate on the evaluation and use of security technologies and tools, including, but not limited to technologies for Static Application Security Testing, Dynamic Application Security Testing, Layer 7 Vulnerability Detection and Monitoring, etc.
Threat and Vulnerability Management
• Participate in the assessment of potential threats and risks to systems and technologies, driving remediation with internal and external partners
• Assist with identification, prioritization, and remediation guidance of security vulnerabilities and threats.
• Responding to vulnerabilities disclosed through threat detection systems.
• Collaborating with the engineering team to perform regular product security assessments and threat modelling.
Security Training and Awareness
• With supervision, develops security training materials that support the training of IT personnel and security program participants in the application of company security policies, standards and procedures.
Security Review and Assessment
• Participate in manual pen testing of new and existing systems
• Perform threat modeling, security design reviews, code reviews, and consultations with other staff
• Active engagement with development teams to include review of architecture flows, data flows, and system or software design requirements for compliance with product security regulatory requirements
• Security Reviews: perform manual design and implementation reviews of products and services"
Communication and Collaboration
• Develops and maintains relationships with internal and external partners to ensure effective communication of findings/resolutions.
• Collaborate on approval, tracking, and reporting any security exceptions as the need arises
Security Documentation and Standards
• Maintaining internal documentation and security standards to ensure security best practices are followed.
Professional Development
• Develops in knowledge of information security risks, threats, and controls, secure coding standards, best practices and SecDevOps, and cloud platforms and how to properly implement security practices.
• Keeps abreast of technological trends and developments.
Qualifications
- Bachelor's Degree in Information Security, Software Development, or another related technical discipline. - Preferred
- 1 year of experience in Information Security, Cyber Security
- Ability to identify and automate repetitive or high volume tasks
- Knowledge of generative AI and agentic AI and its implications to security. Knowledge of how AI can be applied to enhance security operations
- 1 year of experience in Object oriented programming languages: C#, Java, .Net, Python or JavaScript
- Knowledge of back-end frameworks such as Spring, .NET or Node, as well as familiarity with modern front-end frameworks such as Angular or React.
- Cybersecurity certifications such as (ISC)2 Associate, GSEC, CEH, etc. - Preferred
- Security+ or SANS GIA - Preferred
Compensation
n the spirit of pay transparency, we are excited to share that the starting base pay range for this position is $69,200 - $108,800 annually. Please keep in mind that this range is the base pay only and does not consider other components that make up the total rewards package for the position. If you are hired at Paychex, your overall compensation will be determined based on factors such as geographic location, skills, education, and/or experience which may result in total compensation outside of this range.
Live the Paychex Values
What's in it for you?
- We value your well-being: We provide over 21 comprehensive rewards, including medical coverage, virtual wellness classes, tuition reimbursement, 401(k) + employer match, adoption assistance, financial assistance, and much more.
- We value your time: From paid time off to company holidays, culture days, and comprehensive work-life balance programs, we will ensure you have the flexibility you need to be your best.
- We value your development: Our award-winning training and development programs empower our employees with ongoing learning opportunities to give you the building blocks to grow your career.
- We value your perspective: Our company culture reflects the diversity of our employees. We want you to be you and your voice to be heard.
- We value our communities: We offer paid time off for volunteerism and promote many company-wide and local initiatives that benefit organizations you care about.
Note: The benefits described apply to full-time employees. Benefits for part-time, contract, and intern roles may vary.
Not sure if you meet every requirement?
At Paychex, we know that great talent comes in many forms. If you're passionate about the role but don't check every box, we still encourage you to apply. You might be the right fit - either for this position or another opportunity with us.
Paychex is an equal opportunity employer. We are committed to fostering a respectful and inclusive workplace where all individuals are treated fairly and evaluated based on their qualifications, experience, and merit. We comply with all applicable federal, state, and local laws prohibiting discrimination in employment.