Jobs · Information Technology

Principal Information Security Engineer

SentiLink · Los Angeles, CA · 2 days ago
RemoteRemoteInformation Technology$220k–$280k/yrFull-time

Responsibilities

  • Design and build internal security tooling from scratch, including agent-based security tooling, code analysis tooling, dynamic scanning, and security assessment tools
  • Identify vulnerabilities across SentiLink's AWS-based stack, including application code, cloud service configurations, and integrations between the two
  • Build and maintain security automation that improves detection, response, and remediation across the organization
  • Conduct hands-on penetration testing and vulnerability research against SentiLink's infrastructure and applications
  • Partner with engineering teams to remediate findings and embed security into the development process without slowing them down
  • Participate in the security on-call rotation, including incident response and regular response testing
  • Contribute to threat modeling and security design reviews for new systems, with a focus on cloud integrations and identity flows

Requirements

  • 8+ years of experience in security engineering, software engineering with a security focus, or closely related roles
  • Proficient in at least one systems language (Go, Rust, C++) and at least one higher-level language (Python, TypeScript)
  • Proven ability to design and ship production software end-to-end
  • Deep AWS infrastructure expertise, including IAM, EKS, RDS, networking, and managed services
  • Demonstrated ability to identify security misconfigurations and vulnerabilities across cloud architectures, application code, and the integrations between them
  • Experience conducting or building tooling for penetration testing, vulnerability assessment, or red team activities
  • Track record of building security automation and tooling from scratch
  • Comfortable operating independently on ambiguous problems without heavy process or oversight
  • Strong communication skills and the ability to partner with engineers who are not security specialists

Nice to Have

  • Experience building or deploying LLM-based agents or AI-assisted security tooling
  • Prior experience at a security product company (Wiz, Snyk, Datadog, etc.) or other security-forward engineering org
  • Prior fintech, identity, or fraud detection experience
  • Industry certifications (OSCP, OSCE, GPEN, GXPN)
  • Experience with detection engineering or SIEM platforms
  • Published security research, CVEs, or open source security tooling contributions
  • Experience supporting compliance frameworks (FedRAMP, SOC 2, PCI DSS) without it being their primary focus

Similar jobs