Lead and operate vulnerability management across infrastructure, platforms, and applications, including internal scans, dependency analysis, and external findings, validating true positives and driving remediation with engineering teams
Build, operate, and mature SIEM/XDR capabilities, including log ingestion, detection rule development, alert tuning, and investigation workflows
Investigate and respond to security incidents across cloud infrastructure and applications, performing root cause analysis and driving long-term fixes
Design and implement detection strategies for suspicious activity, including data exfiltration patterns using application and database telemetry
Lead and contribute to threat modeling exercises and security design reviews to identify risks early and strengthen architecture
Apply deep expertise in AWS and Kubernetes to design, secure, and improve resilient cloud infrastructure at scale
Drive infrastructure and CI/CD hardening initiatives, with a focus on reducing software and container supply chain risk
Lead efforts to implement and improve dependency and container supply chain risk detection systems and controls
Partner closely with engineering teams to remediate vulnerabilities and improve secure development and deployment practices
Support and implement security controls aligned with PCI DSS, SOC 2, and other compliance requirements
Develop and implement automation (including AI where appropriate) to improve efficiency in security operations, detection, and response
Triage and validate external security findings, distinguishing true positives and coordinating remediation
Requirements
6+ years of experience in security, software, or infrastructure engineering, with hands-on experience securing cloud-based production systems and working with real-world security challenges
Experience contributing to threat modeling and security design reviews for modern systems
Strong hands-on experience in vulnerability management, including scanning, triage, validation, remediation coordination, and verification
Experience working with SIEM platforms (e.g., Wazuh, Splunk, ELK) for detection engineering, monitoring, and incident response
Practical experience triaging findings from vulnerability scanners and bug bounty programs
Strong knowledge of AWS, Linux, and Kubernetes infrastructure, including security architecture, hardening, and operational best practices
Experience improving infrastructure security, including CI/CD hardening and mitigating software supply chain risks
Experience with container and dependency security tools (e.g., Snyk, Trivy, Grype, etc.)
Ability to investigate issues directly using logs, cloud tooling, and system-level data
Knowledge of common security vulnerabilities and mitigation strategies (OWASP, SANS, etc.)
Working knowledge of compliance frameworks such as PCI DSS and SOC 2