Senior Security Engineer, Application & Cloud

Bachelor's degree in Computer Science, Information Technology, Security, or a related field. 4+ years of experience in Application Security. 2+ years of experience in DevSecOps or Cloud Security. Demonstrated knowledge of security frameworks and standards (e.g., OWASP ASVS, NIST SSDF, AWS Well-Architected Framework). Experience with security tools and technologies (e.g., Kubernetes, Snyk, Wiz, GitHub Actions, AWS GuardDuty). Strong project management skills and the ability to manage multiple projects simultaneously.

Integrate and manage security tools across CI/CD pipelines (SAST, SCA, IaC, container scanning). Perform code and system security assessments and partner with developers to triage and remediate vulnerabilities. Conduct architectural reviews to uncover design-level risks and document threats and mitigation strategies. Champion secure coding practices through education and engagement. Contribute to security policies, design standards, and development guidelines. Continuously assess and strengthen AWS cloud environments to reduce risk and increase resilience. Proactively detect and remediate misconfigurations in IAM, networking, encryption, and workloads. Collaborate with DevOps to secure infrastructure-as-code by implementing automated policy enforcement and cloud security benchmarks. Monitor and respond to alerts from security tools (IDS/IPS, SIEM, EDR). Develop and maintain incident response plans, playbooks, and tooling. Drive security-focused projects from start to finish.