Senior Security Operations Engineer

New

United StatesFull-TimeSenior

Salary180,000 - 220,000 USD per year

Apply NowOpens the employer's application page

Job Details

5+ years of experience in security engineering, security operations, or hybrid security-focused roles within cloud or technology environments.
Strong expertise in application security concepts including threat modeling, secure code review practices, OWASP Top 10 vulnerabilities, and secure development principles.
Hands-on experience with security tooling such as SAST, SCA, DAST, secret scanning, vulnerability management platforms, and IaC security solutions.
Solid understanding of AWS cloud infrastructure, IAM, VPC networking, security hardening practices, and cloud security monitoring.
Experience working with infrastructure-as-code tools, preferably Terraform, and securing CI/CD pipelines.
Proficiency in Python scripting and the ability to review backend application code effectively.
Experience supporting compliance frameworks such as SOC 2, ISO 27001, PCI DSS, or similar audit-driven environments.
Strong written communication skills with experience creating policies, audit documentation, runbooks, and technical security documentation.
Familiarity with AI-assisted development tools and automation platforms to streamline security operations and engineering workflows.
Excellent collaboration, analytical thinking, and problem-solving skills with the ability to operate effectively in high-growth remote environments.

Conduct threat modeling, security architecture reviews, and secure code reviews for new services, infrastructure changes, and product features.
Design, deploy, and maintain security tooling across development pipelines, including SAST, SCA, DAST, secret scanning, and infrastructure-as-code security controls.
Partner with engineering teams to strengthen AWS infrastructure security, IAM configurations, Terraform-managed environments, and network segmentation practices.
Lead vulnerability management initiatives by triaging, prioritizing, tracking, and supporting remediation efforts across systems and applications.
Support incident response activities including investigations, root cause analysis, remediation planning, and post-incident hardening improvements.
Monitor and respond to security alerts generated by endpoint, cloud, and application security platforms.
Participate in compliance and audit activities related to SOC 2, ISO 27001, PCI 4.0, and other security frameworks by maintaining documentation and evidence collection processes.
Collaborate with sales, legal, and customer-facing teams to complete security questionnaires, RFP responses, and trust-related requests.
Improve operational security processes, runbooks, and automation workflows using scripting and AI-assisted development tools where appropriate.
Support ongoing IAM governance, user access reviews, RBAC maintenance, and compliance-related operational tasks.

View Full Description & ApplyYou'll be redirected to the employer's site