Senior Security Engineer, Application & Cloud

View full description

Requirements:

• 4+ years of experience in Application Security.
• 2+ years of experience in DevSecOps or Cloud Security.
• Demonstrated knowledge of security frameworks and standards (e.g., OWASP ASVS, NIST SSDF, AWS Well-Architected Framework).
• Experience with security tools and technologies (e.g., Kubernetes, Snyk, Wiz, GitHub Actions, AWS GuardDuty).

Responsibilities:

• Integrate and manage security tools across CI/CD pipelines (SAST, SCA, IaC, container scanning) to ensure issues are caught early, before they impact production.
• Perform code and system security assessments, then partner with developers to triage and remediate vulnerabilities quickly and effectively.
• Conduct architectural reviews to uncover design-level risks, clearly documenting threats and mitigation strategies that shape secure system designs.
• Champion secure coding practices through education and engagement, helping teams adopt a security-first mindset in their workflows.
• Contribute to security policies, design standards, and development guidelines that raise the security bar across the company.
• Continuously assess and strengthen our AWS cloud environments (and other cloud platforms) to reduce risk and increase resilience.
• Proactively detect and remediate misconfigurations in IAM, networking, encryption, and workloads to minimize exposure and reduce risk.
• Collaborate with DevOps to secure infrastructure-as-code by implementing automated policy enforcement and cloud security benchmarks.
• Monitor and respond to alerts from security tools (IDS/IPS, SIEM, EDR), helping us to detect threats early and enable fast, informed responses.
• Develop and maintain incident response plans, playbooks, and tooling to ensure swift and coordinated responses to security events.
• Drive security-focused projects from start to finish, including tool rollouts, vulnerability remediation efforts, and cloud hardening initiatives.