# Senior Security Engineer

**Company:** [Sift](https://hotfix.jobs/companies/sift)
**Location:** Seattle, WA, San Francisco, CA
**Role:** Security Engineering
**Salary:** $145k – $200k/yr
**Experience:** 5+ years
**Skills:** AWS, GCP, Python, Go, Java, IAM, SAST, DAST, SIEM, Vulnerability Scanning, Container Security, Secrets Management, Threat Modeling, Incident Response
**Posted:** 2026-06-11

> Senior Security Engineer designing and operating security controls across cloud infrastructure, applications, and CI/CD pipelines. Requires 5+ years in security engineering, cloud experience, and strong automation skills.

## Job Description

## What you’ll do
- Design and implement security controls and tooling across Sift’s infrastructure and applications (e.g., IAM policies, network controls, secrets management, endpoint protections, container and workload security).
- Embed with product and platform teams to perform security design reviews, threat modeling, and code or configuration reviews for new features and services.
- Improve the secure SDLC by integrating AI-powered scanning tools, security scanning (SAST/DAST, dependency and container scanning) into CI/CD, and by developing guardrails, templates, and best practices for engineers.
- Own or co-own vulnerability management workflows, from discovery and triage through remediation, including defining SLAs, coordinating with service owners, and tracking closure.
- Develop automation (scripts, services, integrations) to detect misconfigurations, anomalous activity, or policy violations, and to reduce manual operational work for the security team.
- Participate in security incident response (on-call rotation or escalation), including investigation, containment, root cause analysis, and long-term fixes.
- Contribute to security documentation and standards, ensuring we have clear, actionable guidance for engineers on topics like authentication, authorization, data encryption, and key management.
- Support audits and assessments (e.g., SOC 2, customer security questionnaires) by providing technical details and evidence of control design and effectiveness.
- Mentor other engineers on secure design and implementation practices through pairing, reviews, training sessions, and written guidance.

## What will make you a strong fit
- 5+ years of experience in security engineering, infrastructure engineering, or application security, ideally in a B2B SaaS or cloud-native environment.
- Hands-on experience with at least one major public cloud platform (e.g., GCP, AWS), including IAM, networking, logging/monitoring, and security services.
- Strong proficiency in at least one programming or scripting language (e.g., Python, Go, Java, or similar) and experience using code to automate security controls or detection.
- Direct experience with AI/LLM-specific security risks (prompt injection, model supply chain, etc.).
- Demonstrated knowledge of secure application and system design, including topics like authentication/authorization, encryption in transit and at rest, least-privilege access, and secrets management.
- Experience with security tooling such as vulnerability scanners, SAST/DAST tools, SIEM/centralized logging, endpoint protection, or cloud security posture management.
- Solid understanding of common vulnerabilities and attack patterns (e.g., OWASP Top 10, misconfigurations, supply-chain risks) and how to mitigate them in practice.
- Ability to work cross-functionally with engineering, IT, and compliance/legal teams, and to translate security requirements into practical implementation details.
- Clear written and verbal communication skills, including the ability to document designs and decisions and to educate others on security best practices.
- A collaborative, pragmatic approach: you’re comfortable making risk-based decisions, proposing options, and supporting teams in implementing secure, scalable solutions.

## Similar roles

- [Senior Security Engineer](https://hotfix.jobs/jobs/c38bf924-a386-422a-ba49-f2cc8bac90a1) - Faro Health - San Diego, CA - $145k – $180k/yr
- [Senior Security Engineer](https://hotfix.jobs/jobs/bf99bce1-bf10-4938-81d3-d24f8455171f) - Pindrop - Remote - $140k – $165k/yr
- [Senior AI Security Engineer](https://hotfix.jobs/jobs/3bf86cd0-80a8-46d8-89c2-2aa2763ae822) - Ontic - Remote - $140k – $160k/yr
- [Compliance Operations Lead](https://hotfix.jobs/jobs/a472d32c-edfe-4f70-bfe5-a65b50560046) - Govsignals - New York, NY - $140k – $190k/yr
- [Distributed Systems Cluster Security Software – Engineering Lead](https://hotfix.jobs/jobs/25221b6a-cb4e-4e69-86e3-a5d05f1d674c) - Cerebras Systems - Sunnyvale, CA - $140k – $240k/yr

**Apply:** https://hotfix.jobs/jobs/f181c936-b1cd-4d2e-b707-84776f04371c
**Canonical:** https://hotfix.jobs/jobs/f181c936-b1cd-4d2e-b707-84776f04371c