Security Engineer
Outmarket AI · United States · 1 wk ago
RemoteRemoteInformation TechnologyFull-time
About the role
The Security Engineer will own product and application security for a multi-tenant platform handling sensitive insurance data. This role involves building security into how the product ships, across secure SDLC, AppSec, cloud posture, and supply-chain, while leading the response to security issues.
Responsibilities
- Drive secure SDLC and security-focused code review across the engineering org.
- Own application security: authentication, authorization, tenant isolation, SSRF and injection prevention, secrets management.
- Strengthen cloud security posture (GCP IAM, egress controls) and supply-chain controls.
- Capture and coordinate penetration testing, threat modeling, and vulnerability management.
- Lead incident response and advance compliance readiness (e.g., SOC 2).
Requirements
- 4+ years in security engineering, with strong application security depth.
- Hands-on experience securing cloud-native, multi-tenant systems.
- Working knowledge of OWASP-class risks and how to prevent them in real code.
- Ability to partner with engineers and make security practical, not blocking.
Bonus if you have
- Detection & response or compliance/GRC experience.
- Experience securing AI/LLM systems or regulated-data products.