Key skills
AWSCloudSDLCCI/CDLeadershipCommunicationPenetration TestingCloud Security
About this role
Role Overview
- Build and run core security capabilities
- Stand up and operate the foundations of our security stack: secure development, vulnerability management, cloud security, and security architecture.
- Own our security tooling
- Select, deploy, configure, and fine-tune tools across scanners and ensure they deliver actionable signals, not noise.
- Embed security into engineering workflows
- Partner with product and platform engineers to make “secure by default” the easiest path. Help design guardrails that support, not slow down, developer productivity.
- Drive pragmatic vulnerability management
- Triage and risk-assess vulnerabilities, shape remediation priorities with teams, and track progress so we’re focusing on what matters most.
- Continuously improve how we operate
- Refine processes, automate wherever possible, and make sure our security practices scale as the company, product, and customer base grow.
Requirements
- Solid senior experience
- Typically 5+ years in security engineering, with hands-on, builder-style experience.
- Startup or scale-up background is a strong plus.
- Cloud security ownership
- Demonstrated experience deploying and operating security controls in AWS.
- Depth in key security domains
- Comfortable taking the lead in at least one (ideally several) of Vulnerability Management programs, Secure SDLC, CI/CD security tooling pipeline integrations, Penetration Testing.
- Developer-aware mindset
- You think about the impact of controls on developer workflows and design solutions that engineers actually want to use.
- Clear, confident communication
- Able to translate complex risks, constraints, and trade-offs into language that resonates with engineers, leadership, and non-technical stakeholders.
- Nice to Have OSCP or similar offensive/security certifications.
- Experience preparing for SOC 2, ISO 27001, or PCI audits.
Tech Stack
- AWS
- Cloud
- SDLC