Senior Security Engineer

Endeavour is an innovative company focused on transforming the world’s infrastructure with a passion for sustainability. They are seeking a Senior Security Engineer to enhance their technology stack, troubleshoot technical issues, and implement new infrastructure solutions within their IT team.

Responsibilities:

• Lead security operations initiatives focused on securing modern software development pipelines, CI/CD platforms, and cloud-native DevOps environments
• Partner with engineering and DevOps teams to embed security controls into the Software Development Life Cycle (SDLC) using Dev/SecOps best practices
• Design, implement, and monitor security controls for source code repositories, build systems, artifact management platforms, and deployment pipelines
• Conduct threat modeling, risk assessments, application pen testing, and security reviews for internally developed applications, APIs, and automation platforms
• Develop and maintain detection and response capabilities for software supply chain threats, credential misuse, pipeline compromise, and cloud workload attacks
• Manage vulnerability management processes for applications, containers, infrastructure-as-code, open-source dependencies, and CI/CD tooling
• Implement automated security scanning tools including SAST, DAST, SCA, IaC scanning, and container security solutions
• Monitor security events across cloud platforms, developer tooling, SaaS environments, and production systems using SIEM/XDR technologies
• Investigate and respond to security incidents involving applications, DevOps tooling, cloud environments, and identity platforms
• Establish security standards for AI/ML systems including model governance, secure API usage, data protection, and responsible AI controls
• Assess and mitigate emerging AI-related risks such as prompt injection, model abuse, data leakage, shadow AI usage, and unauthorized automation
• Evaluate, implement, and secure enterprise AI tools to improve SecOps efficiency, threat detection, alert triage, and incident response workflows
• Build automation scripts and workflows to streamline repetitive security operations tasks and improve response times
• Collaborate with developers to remediate security findings quickly while balancing operational efficiency and release velocity
• Create dashboards, metrics, and reporting for security posture across DevOps pipelines, application environments, and AI platforms
• Stay current on evolving threats related to software supply chain security, cloud platforms, DevOps ecosystems, and artificial intelligence technologies
• Other duties as assigned

Requirements:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Software Engineering, or related field required; equivalent professional experience may be considered
• 5+ years of experience in Security Operations, Cybersecurity Engineering, DevSecOps, or related information security roles
• Hands-on experience securing CI/CD pipelines, source code repositories, cloud environments, and modern software development platforms
• Experience with security tools such as vulnerability management, SIEM, endpoint detection, SAST/DAST, container security, and infrastructure-as-code scanning
• Strong knowledge of cloud platforms such as Amazon Web Services AWS, Microsoft Azure, or Google Google Cloud
• Critical Thinker
• Work in a fast-paced environment
• Solve complex problems
• Strategies and scale ideas and solutions
• Trustworthy and reliable
• Self-Starter and ability to work independently
• Ability to work with technical and non-technical staff
• Strong written and verbal communication skills
• Experience with automation or scripting using Python, PowerShell, Bash, or similar languages, with familiarity securing or governing AI tools and platforms preferred