The Senior Security Engineer is a hands-on, high-impact technical role responsible for designing, implementing, and automating robust security controls across our application stack and cloud environments. The role requires strong proficiency in at least one scripting or programming language (Python or Go preferred) for security automation, and experience in two or more of the following core areas: Application & SDLC Security, Security Automation & Engineering, Cloud Security, Identity & Encryption, Endpoint & Data Security.
Requirements
- Design, build, and implement Just-in-Time (JIT) access controls and Privileged Access Management (PAM) workflows
- Conduct platform permission reviews and implement a least-privilege access model for cloud and application roles
- Ensure 100% of production access requests and approvals are captured in audit logs
- Lead the implementation, tuning, and operation of security tools in the CI/CD pipeline
- Develop custom SAST rules to detect specific, high-risk flaw patterns
- Partner with engineering to deploy IDE plugins and automated PR checks
- Conduct manual security code reviews for high-risk features and cryptographic implementations
- Design, build, and maintain automation for the end-to-end vulnerability management lifecycle
- Engineer automated workflows to triage, validate, and assign new vulnerabilities
- Develop and maintain security automation scripts, tools, and services in Python or Go
- Partner with SecOps to build high-fidelity SIEM correlation rules and automated response playbooks
- Design, implement, and maintain encryption strategies for data at rest and in transit
- Manage the cryptographic key lifecycle and administer key management systems
- Design and implement secure cloud network architectures and network segmentation strategies
- Lead the remediation of cloud security findings
- Implement and manage a centralized security control plane
- Design and implement Data Loss Prevention (DLP) policies for endpoints and cloud services
- Design and enforce security configurations and hardening standards for diverse operating systems
- Manage and tune endpoint security solutions
- Lead threat modeling sessions for new features and conduct secure design reviews of system architectures, applications, and APIs
- Act as an embedded security partner and subject matter expert for product and platform teams
- Develop and manage security programs for emerging risks
Benefits
- Remote-first culture
- 401(k) savings plan through Fidelity
- Comprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance)
- Paid Time Off ('PTO') and Discretionary Time Off ('DTO')
- 12 weeks of 100% Paid Parental leave
- Family Building & Compassionate Leave: Fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption or pregnancies
- Work-From-Home reimbursement to support team collaboration and home office work