Jobs · Information Technology · New York

Security Engineer

Profound · New York, NY · 1 wk ago
Information Technology$200k–$250k/yrFull-time

What You'll Do

  • Partner with the Infrastructure team to harden the AWS environment
  • Drive SOC 2 Type II continuous compliance (defining controls and closing gaps)
  • Integrate security scanning into CI/CD pipelines
  • Enforce least-privilege access controls and conduct regular access reviews across environments
  • Build and run a vulnerability management program spanning infrastructure, applications, and dependencies
  • Triage and respond to security findings from automated tooling, bug bounty programs, and third-party assessments
  • Partner with Infrastructure to implement detection and monitoring capabilities using log aggregation and SIEM tooling
  • Conduct risk assessments, maintain a risk register, and drive prioritization decisions
  • Build security policies and procedures that reflect how we actually operate
  • Lead post-incident reviews and drive systemic improvements

Must Have

  • 5+ years in security engineering, with experience in high-growth SaaS or infrastructure-heavy environments
  • Hands-on experience building or maintaining a SOC 2 compliance program
  • Strong knowledge of AWS security services and cloud security architecture (IAM, VPC, CloudTrail, GuardDuty, Security Hub)
  • Deep understanding of identity and authentication protocols (OAuth, SAML, OIDC)
  • Practical scripting skills in Python or Bash for automating security workflows

Strong Plus

  • Experience integrating vulnerability management and security scanning (SAST, DAST, SCA, container scanning) into CI/CD workflows
  • Familiarity with network security fundamentals (firewalls, DNS, VPNs, segmentation, traffic analysis)
  • Experience with infrastructure-as-code security (Terraform, CloudFormation)
  • Background in penetration testing, application security assessments, or CTF competitions
  • Familiarity with data infrastructure security for systems like ClickHouse or PostgreSQL
  • Experience with data processing compliance in analytics-heavy environments
  • Relevant certifications (CISSP, CCSP, AWS Security Specialty, or similar)

Who You Are

  • A clear communicator who can translate security risks into business terms for engineering, leadership, and customer-facing teams
  • A systems thinker who reasons about root causes, blast radius, and scalable control design
  • A self-directed individual with strong judgment and comfort operating with significant autonomy
  • Motivated by building the security foundation for a category-defining AI company

Similar jobs

Security Engineer

AnaVation LLCWashington, United States· 5 days ago
Information Technologyapply on adzuna.com

Security Engineer

Sensiba LLPCalifornia, United States· 3 days ago
RemoteInformation Technology$97k–$145k/yrapply on sensiba.pinpointhq.com

Security Engineer

TruistCharlotte, NC· 4 days ago
Information Technologyapply on careers.truist.com

Security Engineer

United States Cold Storage, Inc.Camden, NJ· 1 wk ago
Information Technology$100k–$120k/yrapply on recruiting.ultipro.com

Security Engineer

HeyGenSan Francisco, CA· 1 wk ago
Information Technologyapply on grnh.se

Security Engineer

Candid HealthDenver, CO· 1 mo ago
Information Technologyapply on joincandidhealth.com