Skip to content
Kaizen LabsKaizen LabsNew York, NY

Senior Security Engineer

Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.

180k – 220k
Hybrid5+ YOESecurity Engineering

About the role

What You'll Do

  • Architect and operationalize security across infrastructure, platform, CI/CD, and application layers, with a focus on AWS (including GovCloud) and Terraform
  • Lead readiness across federal compliance frameworks — FedRAMP, CMMC, and DoD Impact Levels — translating NIST 800-53 and related controls into real engineering implementations, and owning the SSPs, POA&Ms, and technical policy documentation
  • Build continuous compliance and audit-readiness workflows that make accreditation a byproduct of how we ship, not a separate workstream
  • Use automated AI-driven security scanning, modern hardened-image platforms like Chainguard, and other leverage points to multiply the impact of a small security team
  • Establish secure software supply chain practices: SBOMs, image signing, workload identity, and hardened deployment pipelines
  • Own the technical relationship with assessors, auditors, and federal security stakeholders
  • Drive a secure-by-default engineering culture

What You'll Bring

  • 5+ years of hands-on experience building and securing cloud-native platforms in AWS and Terraform — you can architect controls and also implement them yourself
  • Direct experience with federal authorization work — FedRAMP, CMMC, DoD IL, or comparable regulated environments
  • Deep familiarity with NIST 800-53 and the ability to translate controls into pragmatic engineering work
  • Strong working knowledge of modern supply chain security: SBOMs, image signing, workload identity, secure CI/CD
  • Track record operating effectively in early-stage or fast-moving environments where you set the bar rather than inherit it

Strong Candidates May Also

  • Have supported federal SaaS, defense tech, or regulated infrastructure companies through accreditation
  • Have led a company through its first federal authorization
  • Have hands-on experience with Chainguard, AI-powered security tooling, or similar leverage-multiplying platforms
  • Have worked with platforms like Second Front or similar federal compliance accelerators

What Kaizen Offers

  • Comprehensive medical through Oxford/United — Gold and Platinum PPO plans, with 85% of premiums covered on the Platinum plan and a $0 employee premium option
  • Dental through Guardian PPO and vision through Beam, with 99% of employee premiums covered and 50% for dependents
  • $100,000 in fully paid life insurance
  • FSA and Dependent Care FSA
  • 401(k) access through Guideline
  • 16 weeks of fully paid parental leave for birthing parents; 10 weeks fully paid for non-birthing parents
  • Unlimited PTO, closed for all federal holidays, and company-wide winter break the week of Christmas
  • Up to $750 one-time home office or desk setup stipend for NYC-based employees
  • $50/month commuter benefit
  • Expensed lunch 3x a week while in the office
  • Company-provided laptop
  • Fully covered gym membership at Grindhouse; $100/month fitness reimbursement for remote employees
  • $300/quarter pet care stipend
  • $100/month utility stipend
  • $500/year professional development stipend
  • $250/year recreation stipend

Skills

AWSAws GovcloudTerraformFedRAMPCmmcNist 800-53SspsPoa&MsSbomsImage SigningWorkload IdentitySecure Ci/CdChainguardAi-Powered Security Tooling
Postman

Senior GRC Engineer

PostmanSan Francisco, CA

Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.

180k – 200k
On-site6+ YOESecurity Engineering
Monarch

Senior Application Security Engineer

MonarchUnited States

Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.

180k – 215k
Remote5+ YOESecurity Engineering
Temporal

Senior Security Engineer, GRC

TemporalUnited States

Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.

180k – 225k
Remote8+ YOESecurity Engineering
Lumin Digital

Manager, Network Security

Lumin DigitalUnited States

Lead and build a new network security function at a fintech company, managing a team of engineers, setting technical direction for cloud-native network security architecture, and establishing automated, identity-aware security controls across cloud, SD-WAN, and ZTNA environments.

180k – 200k
Remote7+ YOESecurity Engineering
Valon

Senior Security Engineer, Identity & Access Management

ValonNew York, NY +1

Designs, implements, and operates enterprise IAM systems for workforce and customer-facing authentication in ValonOS, including IdP management, secure protocols, cloud IAM, and AI-assisted workflows. Requires 5+ years IAM experience, deep protocol expertise, and IdP hands-on skills.

180k – 230k
Remote5+ YOESecurity Engineering