Security Engineer (Security Operations, Zero Trust)

Responsibilities

Security Operations & Incident Response (Primary)

• Review, design, and implementation of new Security Tools - support administration across tools such as SIEM, EDR, CNAAP, Email Security, and others.
• Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team.
• Assist in development of new threat detections, playbooks, and automated response/remediation.
• Support triage and response of security alerts, as an escalation point from the broader team.
• Participate in supporting security on-call rotation.

Zero Trust & Network Security (Secondary)

• Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principles.
• Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne, CrowdStrike, as well as secure hardening standards into MDM.
• Support design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as Google IDP, Okta, Auth0, Zitadel.
• Mature Zero Trust alerts and controls across risk-based alerting, posture checks.
• Incorporation of Zero Trust principles into new programs and architecture designs.

Application Security (Support)

• Support application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools.
• Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training.
• Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture.
• Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings.

Cloud & Infrastructure Security (Support)

• Partner with Engineering, DevOps, to secure GCP, AWS environments.
• Leverage Cloud Security tools such as CNAAP, to remediate discovered misconfigurations, vulnerabilities, and triage of Cloud Security alerts.
• Support development and implement secure infrastructure baselines, vulnerability management processes, secrets management, IAM, and hardening standards within the cloud environment.
• Incorporation of shift-left security tests and controls, into CI/CD pipelines.
• Help expand monitoring capabilities within tools such as SIEM, CNAAP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats.

Requirements

• 3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environment.
• Deep experience building or contributing to a Security Operations program, leveraging/administering SIEM, EDR, CNAAP, Email Security, and SOAR tools.
• Hands-on experience building and tuning threat detections, partnering with Security Analysts to improve/automate runbooks and response actions.
• Demonstrated experience implementing tools and controls to support Zero Trust, with tools such as Cloudflare, IAM architecture and protocols, risk and posture based alerting, and workforce/customer identity solutions.
• Proficiency in at least one scripting language (Python, Bash) to automate security tasks and processes, ability to implement and support detection-as-code and infrastructure-as-code where applicable.
• Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams.
• Ability to drive new projects, self-starter, with minimal supervision.
• A proactive, "builder" mindset with a passion for improving processes, reducing risk.

Preferred

• Familiarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform).
• Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSF.
• Familiarity with common application development languages such as Java or JavaScript.
• Understanding of system and architecture design principles, from code to cloud.
• Relevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA).