Sr. Information Security Engineer

This is a Utah HQ position-Hybrid in office and remote.

Alianza is on a mission to be the world's best cloud-based telecommunications platform for service providers. The Senior Information Security Engineer drives our security strategy forward and ensures our platform remains secure, compliant, and trusted by our customers.

As a Senior Information Security Engineer, you'll have a significant impact across our organization, leading security initiatives that protect our cloud infrastructure, customer data, and product ecosystem. You'll work autonomously to identify and resolve complex security challenges while mentoring others and championing security excellence throughout the company.

• Develop, execute, and track the performance of security measures to protect information, network infrastructure, and computer systems
• Perform and document cybersecurity, vulnerability, and risk assessments and implement remediation plans
• Research security vulnerabilities and implement countermeasures
• Monitor cybersecurity trends and adapt security strategies accordingly
• Gather, analyze, and document security requirements for systems and applications
• Define and document security specifications for new and existing systems
• Recommend security solutions to management
• Develop cost-effective solutions to cybersecurity challenges

• Participate in sponsor audits
• Create comprehensive security reports and analysis for stakeholders

• Educate and train staff in information security best practices
• Communicate security requirements and recommendations across the organization

• 10+ years of experience in information security, with at least 2 years in senior or lead roles
• Proven track record of leading complex security initiatives in cloud and on-prem environments
• Experience securing SaaS platforms and multi-tenant architecture
• Hands-on experience with security incident response and investigation

• Deep understanding of cloud security (AWS/Azure/GCP) and cloud-native architecture
• Experience with securing on-prem environments
• Expertise in application security, including secure SDLC, SAST/DAST, and code review
• Strong knowledge of network security, cryptography, and identity management
• Experience with infrastructure as code and security automation
• Proficiency in at least one programming or scripting language (Python, Bash, Java, etc.)
• Excellent understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention, and IDS/IPS
• Develop, execute, and track the performance of security measures to protect information, network infrastructure, and computer systems

• Demonstrated ability to work independently on ambiguous problems
• Experience collaborating across all aspects of the organization and leading technical initiatives
• Excellent written and verbal communication skills for technical and executive audiences

• Certifications such as CISSP, GSEC, CCEP, CRCM, or CISM desired
• Security certifications such as CISSP, SANS, or cloud-specific security credentials

• Experience in telecommunications or VoIP security
• Knowledge of compliance frameworks and standards (SOC2, NIST 800-53, ISO 27001, CIS Controls)
• Experience with penetration testing
• Background in Dev Sec Ops  and CI/CD security

• Experience building security tools and automation
• Knowledge of zero-trust architecture principles
• Familiarity with security monitoring and SIEM platforms
• Understanding of API security and microservices architecture