Security Engineer
Security Engineer embeds security into development lifecycle, conducts threat modeling, builds automated scanning in AWS CI/CD pipelines, leads incident response, and implements compliance controls like ISO 27001. Requires 5+ years experience, AWS mastery, coding in C#/Python, and automation skills.
How You’ll Contribute
- Design Secure Systems: Partner with engineering teams to conduct threat modeling. Ensure security is "baked-in" to new features from the first line of code, not "bolted-on" at the end.
- Drive Proactive Defense: Build and maintain automated scanning, penetration testing frameworks, and monitoring tools within our AWS CI/CD pipelines to catch vulnerabilities before they reach production.
- Own Governance & Compliance: Lead the technical implementation of controls for ISO 27001 and TX-RAMP, turning complex regulatory requirements into simple, actionable engineering standards.
- Lead Incident Response: Act with ownership during security events. Lead investigations and root-cause analysis, providing the Collective Wisdom needed to prevent future occurrences.
- Mentor the Team: Champion a "security-first" mindset. Host workshops that empower developers to write secure code and understand modern attack vectors.
The Foundation for Success
- Cloud Security Mastery: Proven track record of securing AWS environments (IAM, Network Security, Infrastructure-as-Code) at scale.
- Code-Level Proficiency: Read and write code (C#, Python, or similar). Suggest secure code alternatives.
- Automation Mindset: Experience with SAST/DAST and vulnerability management platforms. Prefer scripts over manual checks.
- Pragmatic Compliance: Implemented controls in regulated environments without slowing business velocity.
- Experience: 5+ years in security engineering or software development with a security focus.
What Sets You Apart
- Experience securing video streaming architectures or high-scale backend services.
- History of leading incident response in a remote-first environment.
- Deep expertise in OWASP Top 10 and secure API design.
Sr. Security Engineer, Incident Response
Technical lead for incident response across multi-cloud infrastructure. Owns triage, containment, automation, and detection tuning using CrowdStrike, Tines, and Cyberhaven DLP. Requires 5+ years in IR/SOC roles.
Sr. Security Engineer, Incident Response
Technical lead for incident response across multi-cloud environments. Owns triage, containment, automation, and detection tuning using CrowdStrike, Tines, and Cyberhaven DLP. Requires 5+ years in IR/SOC roles.
Director, Product Security Engineering
Lead product security initiatives by embedding security into the SDLC, performing threat modeling, building security tooling, and mentoring teams. Requires 8-10+ years of product security experience and deep expertise in cloud, application, and mobile security.