More jobs:
Senior Security Engineer
Job in
San Francisco, San Francisco County, California, 94199, USA
Listed on 2026-07-08
Listing for:
Plaud
Full Time
position Listed on 2026-07-08
Job specializations:
-
IT/Tech
Cybersecurity, AWS
Job Description & How to Apply Below
Why You Should Join Us
- Plaud is a bootstrapped, skyrocketing, profitable company with a $250M revenue run rate achieved in just three years.
- Define the next‑gen paradigm for human‑AI interaction.
- Gain exposure to cutting‑edge AI for Pro tools and play a direct role in our global expansion.
- Work with passionate teammates who value innovation, collaboration, and customer success.
- Grow your career in a culture that champions continuous learning and fast career development.
- Market‑competitive compensation, global exposure, and a vibrant, creativity‑fueled work atmosphere.
- You will own both the detection & response layer and the cloud infrastructure security foundation at Plaud — two domains that must operate in lockstep to deliver SOC 2 Type II audit readiness by Q4 2026.
- Cloud & Infrastructure Security — Remediate credential exposure across AWS/GCP production environments, deploy and tune CSPM across all accounts, embed IaC security gates (Checkov/Terraform) into CI/CD, and implement Zero Standing Privileges via JIT/CIEM.
- SIEM Build & Detection Engineering — Deploy the SIEM platform and author 30+ MITRE ATT&CK‑mapped detection rules spanning cloud telemetry, endpoint, and SaaS — with ongoing tuning to reduce false positives and maintain coverage fidelity.
- Incident Response — Own the IR lifecycle end‑to‑end: develop playbooks across a minimum of 4 incident categories, lead cross‑functional response for P1/P2 events, and drive MTTD to ≤60 minutes.
- SOC 2 TII Operational Evidence — Produce and maintain the continuous evidence package required for audit — log retention, alert records, control review cadences, and written control narratives for Cloud Security and Sec Ops domains.
- Security Reporting & Risk Governance — Publish monthly security reports to leadership, deliver H1 risk governance reports, and maintain vulnerability SLA compliance ≥90% with clear remediation tracking.
- 5+ years of hands‑on security engineering experience with demonstrable depth in at least one of: cloud security (AWS/GCP, CSPM, IAM, IaC) or security operations (SIEM, IR, SOAR, detection engineering) — and working fluency in the other.
- Proven ability to build security infrastructure from zero: tool selection, baseline configuration, and policy definition without inheriting a mature program or existing runbook.
- Strong working knowledge of MITRE ATT&CK, CIS Benchmarks (L1/L2), cloud‑native security tooling (AWS Security Hub, GCP SCC, or equivalent CSPM), and log source integration across cloud and endpoint layers.
- Familiarity with SOC 2 TII control requirements — specifically CC6 (logical access), CC7 (monitoring & detection), and the operational evidence standards expected by a third‑party auditor.
- Routinely uses LLMs as part of daily security workflow — alert summarization, detection rule generation, SOAR playbook drafting, or IaC policy automation. Will demo last‑2‑weeks AI usage during interview.
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×