Senior Security Engineer

Bachelor’s degree in Computer Science, Cybersecurity or related, or equivalent work experience. 10+ years of hands-on experience in application security and/or infrastructure/cloud security. Strong practical experience securing applications (threat modelling, secure design, code review, pen testing). Proven experience in AWS: securing services like EC2, Lambda, EKS, S3, RDS, VPC, IAM. Experience with infrastructure-as-code (IaC) tools (Terraform, CloudFormation). Deep understanding of networking/security fundamentals (TCP/IP, HTTP/S, DNS, firewalls). Strong scripting/automation skills in one or more languages (e.g., Python, Go, JavaScript/TypeScript). Excellent communication skills.

Lead secure design, architecture review, and threat modeling for applications (web services, APIs, microservices, serverless, mobile). Lead secure design and review for infrastructure/cloud (AWS VPCs, IAM, compute/storage services, IaC). Develop and apply application security controls (code review, static/dynamic analysis, penetration testing). Develop and apply cloud infrastructure security controls (IaC guardrails, drift detection, security monitoring). Automate security workflows across app and infra domains. Collaborate with DevOps/SRE/CloudOps/Architecture teams to embed security early. Stay current on emerging threats and propose security strategy enhancements.