Senior Security Engineer

Duties and Responsibilities

• Operate and improve Faro's security detection and response capabilities, including monitoring, triage, and investigation of alerts from SIEM, CSPM, and MDR
• Manage Faro's vulnerability management program, including triaging findings from infrastructure scans, SAST, DAST, and SCA tools, tracking remediation against established SLAs and coordinating with engineering on fixes
• Support and improve application security practices within Faro's SDLC, including security reviews of new features, integration of automated security testing into CI/CD pipelines, and guidance to developers on secure coding practices
• Maintain and improve Faro's cloud security posture across multiple cloud providers including configuration reviews, hardening, and alignment with CIS benchmarks
• Coordinate and support third-party penetration testing engagements, including scoping, logistics, findings triage, and remediation tracking
• Contribute to the security of Faro's AI-powered products, including evaluating risks related to prompt injection, data leakage between tenants, model output safety, and retrieval-augmented generation (RAG) integrity
• Support incident response activities in alignment with Faro's NIST 800-61-based incident response plan, including detection, analysis, containment, eradication, and recovery
• Contribute to security evidence collection and technical documentation to support SOC 2 Type II, ISO 9001 and ISO 27001/42001 audit cycles
• Evaluate and improve security tooling, automation, and processes to scale Faro's security capabilities as the company grows

Requirements

• 6+ years of experience in security engineering, cloud security, or application security roles
• 3+ years of hands-on experience with cloud security services (Azure preferred; AWS or GCP acceptable with willingness to ramp on Azure)
• Experience with vulnerability management tools and processes, including familiarity with CVSS scoring and risk-based prioritization
• Experience with application security testing tools (SAST, DAST, SCA) and secure SDLC practices
• Experience with endpoint detection and response platforms
• Comfortable working in a small team environment where you will own outcomes end-to-end
• Experience in a startup or high-growth environment preferred
• Experience with compliance frameworks such as SOC 2, ISO 27001, and NIST 800-53
• Scripting ability in Python, PowerShell, or Bash
• Bachelors Degree in Information Technology or related field, Masters Degree Preferred

Preferred / Bonus Qualifications

• Experience with AI/ML security concepts, including prompt injection, adversarial testing, and LLM-specific attack vectors
• Experience with infrastructure as code security (Terraform, ARM/Bicep templates, etc.)
• Relevant certifications such as AZ-500, OSCP, GIAC, CISSP or similar
• Experience in healthcare, life sciences, or other regulated industries

Skills and Competencies

• Strong analytical and problem-solving skills with the ability to investigate complex security events
• Ability to communicate security risks and recommendations clearly to both technical and non-technical audiences
• Self-motivated and able to work independently with minimal supervision
• Collaborative mindset, comfortable working directly with engineering, product, and DevOps teams
• Willingness to learn new technologies and adapt as Faro's product and infrastructure evolve

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k)
• Life Insurance (Basic)
• Short Term and Long Term Disability
• Paid Time Off (Flexible Vacation Policy; Paid Sick & Public Holidays Observed)
• Training & Development Reimbursement
• Hybrid Work Environment
• Peer-to-peer bonus program
• Company/department outings and events
• Stock Option Plan
• Office On-Premises Amenities; gym, restaurant tenant discount, Padel Nine