Pindrop is the Real Human + Right Human® Identity Trust Platform for the AI era. As a Senior Security Engineer, you will conduct security assessments, design security controls, and manage security platforms to protect against fraud and identity manipulation.
Responsibilities:
- Conduct comprehensive security assessments and risk analyses of systems, networks, infrastructure, and applications to identify vulnerabilities and drive improvements across both on-premises and cloud postures
- Lead the design, development, and implementation of security controls, tool integrations, security log onboarding, incident response plans, and automation for compliance checks, alerts, and reporting
- Own and manage the administration of core security platforms and technologies, including EDR, SIEM, DLP, vulnerability management, firewalls, and web application firewalls
- Perform technical security assessments, penetration testing, code audits, and offensive/defensive security exercises to continuously evaluate, strengthen, and validate detection and response capabilities
- Utilize AI tools and methodologies to improve productivity and to automate threat detection, vulnerability scanning, and alerting, proactively identifying and mitigating emerging threats
- Provide expert guidance and mentorship to internal teams on SIEM, Incident Response, WAF, and evidence requirements for frameworks such as ISO27001, SOC2, PCI DSS, and NIST
- Continuously monitor security events, lead security investigations, and coordinate incident response activities during active security breaches
- Stay current with emerging technologies (including AI, machine learning, and IoT risks), trends, threat intelligence, security certifications, and compliance regulations
- Proactively advocate for process improvement and security innovation across the organization
- Prepare and deliver documentation and dashboards for stakeholders and customers, conveying actionable insights from security-related activities and findings
Requirements:
- 5+ years of hands-on experience with security technologies and tools such as EDR, SIEM, DLP, vulnerability management, penetration testing, SAST/DAST, and file integrity monitoring
- 3+ years of experience leading Security Operations, incident response, and investigations, with a solid track record of resolving security events and developing incident response plans
- Advanced proficiency with scripting or programming languages (Python, Bash, Go, Ruby, or Java) to automate security operations and build custom security tooling
- Deep expertise across cloud and hybrid environments (AWS and GCP required; Azure is a plus), with strong networking fundamentals and experience designing/implementing secure network architectures
- Demonstrated ability to administer and integrate core security technologies with enterprise infrastructure, along with verified familiarity with key frameworks: ISO27001/27002, NIST, CIS, PCI DSS, SOC2, ITIL, COBIT
- Prior software development experience or architectural experience in designing secure software solutions
- Hands-on experience utilizing AI/ML technologies to enhance threat detection, automate remediation, or predict system vulnerabilities
- Recognized industry security certifications (e.g., CISSP, CISM, GIAC, CEH, CISA, AWS Security)
- Direct experience with modern containerization, cloud-native security, and orchestration tools (Kubernetes, Docker, Terraform/Infrastructure-as-Code)