Lead Security Engineer

This is a high-impact, hands-on security leadership role responsible for shaping and owning the end-to-end security posture of a modern, cloud-first SaaS platform operating at global scale. You will work across engineering, Dev Ops, compliance, and customer-facing teams to ensure security is embedded into every layer of the technology stack. The role combines deep technical cloud security work with strategic ownership of governance, risk, and compliance programs.

You will play a key part in securing real-time, high-volume systems used by enterprise customers worldwide. The environment is fast-moving, highly collaborative, and strongly focused on automation and AI-driven engineering practices. This position is ideal for someone who thrives in both technical execution and cross-functional influence, with the ability to communicate security risk at executive and customer level.

• Own and evolve the organization’s overall security posture across cloud infrastructure, applications, internal systems, and customer-facing environments, ensuring security is embedded across the SDLC and CI/CD pipelines.
• Lead cloud security initiatives across AWS environments, including IAM, network architecture, encryption strategies, Kubernetes/container security, logging, and infrastructure configuration risk management.
• Drive end-to-end vulnerability management, including tooling oversight, alert triage, prioritization, remediation tracking, and reporting across code, dependencies, infrastructure, and cloud workloads.
• Serve as incident response lead for major security events, including investigations, root cause analysis, executive communication, and coordination of tabletop exercises for incident and disaster recovery.
• Own compliance and governance programs such as SOC 2 Type 2 readiness, ISO 27001 alignment, NIST CSF maturity tracking, and maintenance of risk registers and remediation roadmaps.
• Partner with Legal, Privacy, Sales, and Customer Success teams to support security questionnaires, enterprise deals, audits, and regulatory requirements including GDPR and data processing agreements.
• Support IT security practices including endpoint protection, MDM, access controls, and SaaS security governance while reporting overall risk posture to executive leadership.

• 8+ years of experience in security engineering, cloud security, Dev Sec Ops , infrastructure security, or security operations roles.
• Strong hands-on expertise with AWS, with the ability to assess architecture risks and design secure cloud-native solutions.
• Deep experience securing CI/CD pipelines, Kubernetes/containerized environments, IAM, secrets management, logging, and infrastructure-as-code systems.
• Proven experience with vulnerability management programs and familiarity with penetration testing and incident response processes.
• Working knowledge of SOC 2 Type 2 audits, ISO 27001 frameworks, NIST CSF, and GDPR/security compliance requirements.
• Strong communication skills with the ability to translate technical security risks into business impact for executives, engineers, auditors, and customers.
• Experience collaborating cross-functionally across engineering, legal, compliance, and sales teams in fast-paced SaaS environments.

• Fully remote position with flexibility across the United States (and potentially Canada).
• High ownership role with end-to-end responsibility for security, compliance, and incident response strategy.
• Exposure to AI-first engineering environments and modern security governance challenges.
• Opportunity to influence enterprise-level security programs supporting global customers at scale.
• Strong cross-functional collaboration with engineering, legal, and customer-facing teams.
• Competitive compensation package aligned with senior-level security leadership roles (details shared during the hiring process).