Remoote.app

Work from anywhere. Start here.

Free resume builderCompaniesLog in
Apply

Staff Security Engineer

Posted 11 days agoViewed

View full description

💎 Seniority level: Staff, Several years

📍 Location: United States

💸 Salary: 184000.0 - 253000.0 USD per year

🔍 Industry: Healthcare

🏢 Company: Thirty Madison👥 251-500💰 $140,000,000 Series C almost 4 years ago🫂 Last layoff over 2 years agoPharmaceuticalPersonal HealthWellnessHealth Care

⏳ Experience: Several years

🪄 Skills: AWSLeadershipPythonSQLBashCloud ComputingCybersecurityData AnalysisKubernetesLDAPMicrosoft AzureMicrosoft ExchangeCross-functional Team LeadershipAPI testingAzureCommunication SkillsAnalytical SkillsCollaborationCI/CDProblem SolvingRESTful APIsMentoringLinuxDevOpsTerraformOrganizational skillsDocumentationMicroservicesComplianceExcellent communication skillsTeamworkJSONRisk ManagementScriptingDebugging

Requirements:
  • Proven expertise in security incident response and detection engineering, with a strong focus on cloud environments.
  • Ability to partner closely with the Head of Security to drive forward security initiatives and strategies.
  • Experience adopting an automation- and development-driven approach to implement security controls.
  • Strong skills in threat modeling and identifying security risks.
  • Establish and track key KPIs to ensure the security program remains robust, enabling data-driven decision-making.
  • Leadership experience in designing and executing security control strategies, driving iterative design, and taking ownership of security products.
  • Exceptional collaboration skills, with the ability to work seamlessly with diverse teams, including engineers, medical professionals, and external partners.
  • A proactive mindset with a strong drive to take ownership of issues and solve them independently in a fast-paced, evolving environment.
  • A passion for educating and evangelizing security best practices, backed by excellent written and verbal communication skills.
  • Several years of experience leading cross-functional initiatives, especially bridging security engineering with infrastructure teams, with a proven track record of delivering impactful projects that align with business objectives.
  • Familiarity with Kubernetes and microservices architectures.
  • Experience deploying and securing cloud services (e.g., AWS, Azure) with a deep understanding of cloud security principles.
  • Strong proficiency in scripting and programming languages (e.g., Python, Bash) for data analysis, automation, and tool development.
  • Hands-on experience with Terraform for infrastructure management and automation.
Responsibilities:
  • Act as a hands-on subject matter expert (SME) for the Detection and Response program, while also taking ownership of broader security initiatives, including Enterprise Security and Product Security at Thirty Madison.
  • Design and implement scalable solutions and processes to proactively identify, address, and mitigate security vulnerabilities and risks.
  • Conduct research on emerging threats impacting Thirty Madison’s applications and infrastructure.
  • Strengthen defense-in-depth strategies by developing secure-by-default frameworks, architectures, and processes.
  • Provide mentorship and share security best practices across the organization.
  • Collaborate with cross-functional teams to ensure security efforts align with business objectives and integrate smoothly into existing workflows.
  • Lead investigations, containment, and remediation of security incidents, ensuring swift resolution.
  • Demonstrate strong leadership under pressure, making informed decisions in uncertain situations while coordinating efforts across teams to resolve issues effectively
Apply

Related Jobs

Apply
🔥 Senior Staff Security Engineer (Architect), Remote
Posted 17 days ago

📍 United States, Canada

🧭 Full-Time

🔍 Health-Tech

  • 6+ years of experience in Cloud Native environments
  • 3+ years in a dedicated application security role
  • Proficient in coding languages such as Python, R, C++, and JavaScript
  • Design and deploy advanced security controls
  • Conduct code reviews and vulnerability assessments
  • Integrate security tools into infrastructure

AWSPythonGCPMachine LearningAzureTerraform

Posted 17 days ago
Apply
Apply
🔥 Staff Security Engineer - Data Protection (Data Security Architect), Remote
Posted about 1 month ago

📍 United States, Canada

🧭 Full-Time

🔍 Data Security

  • Data Security Architect
  • Expertise in data and automation.
  • Design, implement, and maintain security services that support our business.
  • Understand data and automation are important ingredients to our mission and know how to actively employ these ingredients at scale.
  • Partner cross-functionally across various teams, driving impactful outcomes and further securing our digital landscape.

AWSCloud ComputingCybersecurityData engineeringMicroservicesComplianceData management

Posted about 1 month ago
Apply
Apply
🔥 Staff Security Engineer - Data Protection (Data Security Architect), Remote
Posted about 1 month ago

📍 United States, Canada

🧭 Full-Time

🔍 Health-Tech

  • BS/BTech in Computer Science, IT, Cybersecurity, or related field
  • 8+ years securing Cloud Native applications
  • 5+ years in a dedicated data security role
  • Familiarity with DLP and DSPM tools
  • Knowledge of health-tech systems preferred
  • Lead development and maintenance of security strategies
  • Design and deploy security controls
  • Mentor new engineers
  • Shape security services strategy

Cloud ComputingCybersecurity

Posted about 1 month ago
Apply
Apply
🔥 Staff Security Engineer, Data Protection
Posted about 1 month ago

📍 USA

🧭 Full-Time

💸 154000.0 - 216000.0 USD per year

🔍 Security

🏢 Company: SandboxAQ👥 101-250💰 $25,000,000 Grant 4 months agoArtificial Intelligence (AI)SaaSInformation TechnologyCyber Security

  • Experienced in managing confidentiality, integrity and availability of data within cloud environments, both manually and through automation
  • Have an understanding of industry best practices and tooling, including their limitations
  • Proficient in risk-based decision making as it applies to data classification
  • Have worked with CUI data and are familiar with CMMC 2.0 / NIST 800-171 controls
  • Able to develop sensible data retention policies
  • Strong communication skills and ability to work across different groups to build consensus on scalable data design patterns
  • Work cross-functionally to ensure security and privacy of SandboxAQ and customer data
  • Develop strategies and automation around data classification and monitoring
  • Work within AWS and GCP environments making sure our systems are configured correctly and architected following best security practices
  • Assist product teams in design of multi-tenant SaaS products
  • Act as the steward of CUI data within our organization
  • Automate vulnerability detection, data loss prevention (DLP), and privacy incident response across cloud platforms
  • Collaborate with the development, DevOps, and InfoSec team to integrate privacy solutions into CI/CD pipelines
  • Document privacy architectures, data flows, and technical implementations

AWSPythonCybersecurityGCPCI/CDTerraformComplianceRisk ManagementData modeling

Posted about 1 month ago
Apply
Apply
🔥 Staff Security Engineer - Cryptography & Key Management
Posted about 2 months ago

📍 U.S.

💸 167100.0 - 244200.0 USD per year

🔍 Financial technology

🏢 Company: Marqeta👥 1001-5000💰 Post-IPO Equity almost 4 years ago🫂 Last layoff almost 2 years agoCryptocurrencyDebit CardsCredit CardsPaymentsFinTech

  • A minimum of 8 years related experience with a Bachelor’s degree; or 5 years and a Master’s degree; or a PhD with 3 years’ experience.
  • 5+ years of professional experience within data security including encryption, tokenization, PKI implementation and key management.
  • 4+ years of in-depth experience working with payment and/or general-purpose HSMs, cloud KMSs.
  • 4+ years of practical experience in encryption algorithms (e.g., AES, RSA), protocols (e.g., TLS/SSL), key management, secrets management.
  • 3+ years with cloud computing architectures and Infrastructure as Code (e.g., Terraform).
  • 2+ years working experience with security regulatory/compliance requirements including PCI, NIST and GDPR.
  • 2+ years experience with data security, classification and posture management tooling.
  • Strong collaboration and communication skills.
  • Problem-solving skills to navigate complexity and security risks.
  • Lead the development of enterprise-level data security architecture and strategies.
  • Define encryption and secrets management standards, ensuring alignment with product development and enterprise needs.
  • Collaborate closely with security, technology, and privacy teams to implement and maintain standards.
  • Deploy, configure, and manage cloud-based Key Management Services (KMS) and Hardware Security Modules (HSMs).
  • Participate in Proof of Concept (POC) testing for new cryptographic products and services.
  • Serve as a key custodian, overseeing the full lifecycle of sensitive key material.
  • Maintain and update data security tooling such as DSPM and DLP solutions.
  • Ensure compliance with evolving security standards like PCI-DSS and FIPS.
  • Provide operational support, including on-call rotation and documenting critical procedures.

AWSCloud ComputingCybersecurityTerraform

Posted about 2 months ago
Apply
Apply
🔥 Sr. Staff Security Engineer (ELK Stack)
Posted 2 months ago

📍 USA

🧭 Full-Time

💸 129000.0 - 185000.0 USD per year

🔍 Cybersecurity

🏢 Company: Zscaler

  • 5+ years of experience in security engineering or operations, with flexibility for candidates with exceptional skills.
  • Proficiency in managing an Elastic Stack (ELK) for security event analysis and detections.
  • Strong experience with cloud security tools like AWS, Azure, or Google Cloud.
  • Proven ability in security detection engineering and independent problem-solving.
  • Bachelor’s degree in Cybersecurity, Computer Science, or related field, or equivalent experience.
  • Implement and optimize ELK-based security monitoring systems.
  • Develop and maintain detection rules for advanced threats.
  • Manage security event monitoring and response processes for swift incident resolution.
  • Conduct threat hunting and root cause analysis to mitigate risks.
  • Ensure compliance and security standards in all detection activities.

AWSPythonCybersecurityAzure

Posted 2 months ago
Apply