Security Engineer

POSITION SUMMARY

Responsible for implementing and maintaining security systems and practices that protect the organization’s cloud‑native infrastructure, applications, and data.

• Implement and manage security solutions including cloud security controls, SIEM, endpoint protection, and traditional security solutions (e.g., firewalls, IDS/IPS) to support a hybrid environment.
• Monitor networks and systems for security breaches, analyze security alerts, and respond to incidents in a timely manner.
• Collaborate with Engineering teams to integrate security into the software development lifecycle (Dev Sec Ops ).
• Review and enhance identity and access management (IAM) strategies, including zero‑trust and least‑privilege models.
• Support compliance efforts with standards such as SOC 2.
• Provide guidance during secure architecture reviews.
• Stay current with emerging threats, vulnerabilities, and technologies and provide recommendations for improvement.

• Bachelor’s degree in Computer Science, Information Security, or equivalent practical experience.
• 5+ years of dedicated experience in a cloud‑first or equivalent environment, focusing on securing cloud platforms (e.g., AWS, GCP, Azure).
• Strong understanding of security architecture, networking, system hardening, and encryption.
• Experience with security models of containerized systems (ECS or Kubernetes).
• Familiarity with AWS security tools and services (IAM, VPCs, Guard Duty, etc.).
• Knowledge of scripting or automation languages (e.g., Python, Bash, Power Shell).
• Excellent problem‑solving and communication skills.

• Certifications such as AWS Security Specialty or Azure Security Engineer Associate, and professional certifications such as CEH or CompTIA Security+.
• Experience in a regulated environment or with audit preparation (e.g., SOC 2, FedRAMP, FCRA, GLBA, PCI‑DSS).
• Familiarity with infrastructure as code (IaC) tools.
• Experience with container security practices.