Lead Security Engineer
Fully remote position with flexibility across the United States (and potentially Canada).
Full-Time
Lead
Salary not disclosed
Job Details
- Experience: 8+ years of experience in security engineering, cloud security, DevSecOps, infrastructure security, or security operations roles.
- Required Skills: AWS, Kubernetes
Requirements
- 8+ years of experience in security engineering, cloud security, DevSecOps, infrastructure security, or security operations roles.
- Strong hands-on expertise with AWS, with the ability to assess architecture risks and design secure cloud-native solutions.
- Deep experience securing CI/CD pipelines, Kubernetes/containerized environments, IAM, secrets management, logging, and infrastructure-as-code systems.
- Proven experience with vulnerability management programs and familiarity with penetration testing and incident response processes.
- Working knowledge of SOC 2 Type 2 audits, ISO 27001 frameworks, NIST CSF, and GDPR/security compliance requirements.
- Strong communication skills with the ability to translate technical security risks into business impact for executives, engineers, auditors, and customers.
- Experience collaborating cross-functionally across engineering, legal, compliance, and sales teams in fast-paced SaaS environments.
Responsibilities
- Own and evolve the organization’s overall security posture across cloud infrastructure, applications, internal systems, and customer-facing environments.
- Lead cloud security initiatives across AWS environments, including IAM, network architecture, encryption strategies, Kubernetes/container security, logging, and infrastructure configuration risk management.
- Drive end-to-end vulnerability management, including tooling oversight, alert triage, prioritization, remediation tracking, and reporting.
- Serve as incident response lead for major security events, including investigations, root cause analysis, executive communication, and coordination of tabletop exercises.
- Own compliance and governance programs such as SOC 2 Type 2 readiness, ISO 27001 alignment, NIST CSF maturity tracking, and maintenance of risk registers.
- Partner with Legal, Privacy, Sales, and Customer Success teams to support security questionnaires, enterprise deals, audits, and regulatory requirements including GDPR.
- Support IT security practices including endpoint protection, MDM, access controls, and SaaS security governance.