Workstream

www.workstream.us

1 Job

263 Employees

About the Company

Workstream is the modern all-in-one HR and payroll solution built specifically for restaurants, and trusted by 30,000+ locations. 46 of the top 50 quick-service restaurant brands, including Burger King, Jimmy John’s, Taco Bell, and more, rely on Workstream to power their restaurants.

Listed Jobs

Company Name
Workstream
Job Title
Information Security Engineer
Job Description
**Job Title:** Information Security Engineer

**Role Summary:** Build and embed security across the software development lifecycle, cloud infrastructure, and corporate environment for a fast‑growing SaaS HR/payroll platform. Lead the internal Blue Team, collaborate with Red Teams, and ensure compliance with multi‑jurisdictional data‑residency and SOC 2 requirements.

**Expectations:**
- 3+ years of hands‑on experience in application, infrastructure, and corporate security (the “Security Trinity”).
- Strong software engineering background in Node.js and Ruby on Rails.
- Proven ability to remediate vulnerabilities, automate security controls, and respond to incidents.
- Deep expertise securing cloud (AWS preferred) and containerized environments.
- Familiarity with HR/payroll data protection, AI/ML security, and regulatory compliance.

**Key Responsibilities:**
- Conduct code reviews, architectural analyses, and vulnerability triage for Node.js/Rails services; fix issues such as XSS, SQLi, IDOR.
- Develop and maintain SAST/DAST pipelines and secure AI/ML integrations (prompt injection, model poisoning).
- Harden AWS/GCP/Azure infrastructure via IaC (Terraform/CloudFormation), implement secure networking, IAM, and container security (K8s/Docker).
- Lead Blue Team activities: monitor logs, detect anomalies, run tabletop exercises, and manage real‑time incident response.
- Translate Red Team/bounty findings into actionable engineering tasks and defensive measures.
- Oversee corporate security: endpoint protection, Okta/SSO, zero‑trust network access, security training, and documentation for SOC 2 Type II and other audits.
- Design security architecture to satisfy multi‑state/jurisdictional data residency and breach‑notification requirements.

**Required Skills:**
- Software development in Node.js and Ruby on Rails.
- Vulnerability assessment and remediation (AppSec, SAST/DAST).
- Cloud security (AWS focus) and IaC (Terraform/CloudFormation).
- Container security (Kubernetes, Docker).
- Incident response and Blue Team leadership.
- Identity & access management (Okta/SSO), zero‑trust design.
- AI/ML security concepts and responsible AI practices.
- Strong communication and cross‑functional collaboration.

**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field (or equivalent practical experience).
- Preferred certifications: CISSP, CISM, AWS Certified Security – Specialty, or similar.
San Francisco, United States
Hybrid
Junior
23-01-2026