Senior Security Engineer - Remote Position

About the Role

We’re looking for a Senior Security Engineer to join our Security team in a fully remote capacity. In this role, you will work closely with product development to embed security best practices across the entire software development lifecycle and ensure the security of our products. As a Senior Security Engineer, you will have a high level of autonomy in your daily work to improve our security posture.

What You'll Do

• Design, implement, and maintain security controls across our SaaS platform and internal infrastructure.
• Automate vulnerability and threat detection using SAST, SCA, IAC, and container image analysis.
• Ensure robust audit logging via SIEM and implement IAM policies.
• Conduct internal reviews, threat modeling, and testing of new product features.
• Collaborate closely with development and operations teams to integrate security into the Software Development Life Cycle (DevSecOps).
• Champion a security-first culture, embedding security principles into all aspects of our operations and product development.
• Improve existing security tooling in CI/CD and add new tools for automated threat detection.
• Implement policy-as-code solutions to detect possible data breaches and insecure configurations.

Requirements

• At least 3+ years of full-time experience in information security and a total of at least 5 years of full-time work experience in software development.
• Expertise in securing cloud infrastructure in AWS, GCP, or Azure.
• Basic knowledge of Kubernetes and securing Kubernetes clusters and containerized applications.
• Proficiency in at least one programming language (e.g., Python, Go, PHP) and understanding of secure coding practices.
• Experience reviewing source code is required.
• Familiarity with modern CI/CD systems (GitLab/GitHub) and implementing automated security scanning tools.
• Knowledge of security frameworks and standards such as OWASP ASVS, OWASP SAMM, ISO 27001, and CIS Benchmarks.
• Keen interest in promoting security in a product development organization.

Nice to Have

• Expertise in securing Kubernetes clusters in complex, multi-cloud environments.
• Familiarity with AI software development tools and AI security.
• Hands-on experience in configuring SIEMs, threat detection, and response tooling.
• Experience in incident response in cloud environments.
• Relevant technical security certifications (e.g., CISSP, SANS, etc.).

What We Offer

• Attractive pay structure, including equity.
• Great work equipment and home office allowance for those working in our fully remote locations.
• Annual personal learning budget.