Senior Security Engineer

Role Overview

• Secure and Operate the Cloud Environment
• Own cloud security posture across multi-region AWS environments — continuously assess, harden, and improve
• Operate the full security toolset: CSPM, SIEM, vulnerability management, network security, ZTNA, DLP, EDR, and endpoint management
• Drive the vulnerability management lifecycle end to end: scan cadence, prioritization, remediation SLAs, and reporting
• Manage identity and access infrastructure in collaboration with IT, spanning MFA, IAM, IGA, privileged access, and credential management
• Lead the buildout of a Privileged Access Management (PAM) program
• Support ongoing cloud migration security workstreams
• Monitor threat intelligence and external attack surface signals; translate findings into prioritized action
• Serve as a primary responder for security incidents — triage, contain, eradicate, and recover with urgency and discipline
• Own incident response process maturity: playbook development, evidence chain of custody, forensic readiness, and post-incident reviews
• Be available for occasional after-hours response when critical incidents arise
• Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
• Build and maintain automation for alert triage, compliance evidence collection, asset inventory, and security metrics
• Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
• Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
• Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
• Build and contribute to Agentic AI frameworks within the security program
• Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls
• Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
• Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
• Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
• Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
• Contribute to executive and board-level security reporting — translate operational data into clear program narratives
• Drive cross-functional follow-through with Engineering, IT, Data, and PMO on security workstreams

Requirements

• 5+ years in security engineering, security operations, or a combined SecOps/program role
• Must be authorized to work in the United States and be US-based
• Hands-on experience operating cloud security tooling in AWS environments
• Proficiency in at least one scripting or programming language — Python strongly preferred
• Experience building dashboards, writing queries, and tuning alerts in a SIEM platform
• Strong working knowledge of vulnerability management and incident response lifecycles
• Experience supporting compliance frameworks: SOC 2, PCI DSS, or equivalent
• Demonstrated use of AI and ML tooling in a professional security context
• Track record of mentoring or upskilling peers in technical disciplines
• Strong written communication skills — equally effective writing for engineers and executives
• Comfortable with occasional after-hours availability for critical security incidents

Tech Stack

• AWS
• Cloud
• Python

Benefits

• Generous paid time off
• Competitive medical, dental & vision coverage
• 401K with company match for US
• Company-paid life insurance
• Company-paid short-term and long-term disability
• Access to mental health and wellness resources
• Company-paid volunteer time to do good in your community
• Legal coverage and other supplemental options
• A value-based culture where growth opportunities are endless