Jobs · Engineering · Colorado

Senior Platform Engineer, Security

Simplesense · Denver, CO · 5 days ago
HybridEngineering$180k–$235k/yrFull-time

Responsibilities

  • Security Tooling & Compliance Codification: Partner with the Security Team to intake defined compliance baselines and translate them into automated configuration management playbooks for enterprise tools.
  • IaC Deployment & Configuration Automation: Build, maintain, and scale automated IaC deployments to ensure operational environments and tools are managed as code.
  • Access & Identity Automation: Collaborate with Security and Platform team members to automate user provisioning and access through existing application features, APIs and IaC methodologies.
  • DevSecOps: Embed security concepts and tooling into the development and deployment pipeline to facilitate early identification and remediation opportunities.
  • Cloud Network Security: Implement and harden automated security groups, network policies, and cloud infrastructure to securely segment dataflows across environments following Zero Trust principals.
  • Secure Package Management: Deploy, configure, and maintain secure package management proxies and local repos to safeguard infrastructure pipelines and the software supply chain.
  • Hands-on Engineering (70%): Write clean, reusable infrastructure code, configuration scripts, and API integrations, setting the technical pattern for secure-by-default platform architecture.
  • Cross-Functional Alignment (30%): Collaborate with engineering and security teams to embed security tools directly into core infrastructure pipelines, breaking down work and resolving deployment bottlenecks.

Requirements

  • Extensive professional experience (5-10 years) in platform engineering, system administration, cloud engineering, or DevSecOps, with an emphasis on security and automation.
  • Proven track record of managing infrastructure-as-code (IaC) via tools like Cloudformation, Terraform, OpenTofu, or Ansible, across hybrid environments.
  • Strong experience working with application APIs for configuration automation and management.
  • Solid understanding of secure software supply chain mechanics, including package repositories, artifact management, and proxy configurations.
  • Strong AWS cloud engineering and security background, with demonstrated experience in network topology automation, firewalls, autoscaling groups, and native security services (SecurityHub, GuardDuty, Inspector).
  • Familiarity with NIST 800-53 and NIST 800-82 compliance.
  • Able to work a hybrid schedule, primarily based in the Denver metro area, with an expectation of being in the office at least two or three times weekly.
  • Must be a U.S. Citizen and able to obtain a DoD NIPR network account and Common Access Card (CAC).
  • Current DoD 8140 Intermediate or Advanced Foundational Qualification or ability to obtain within 90 days of hire.
  • Must have, or be able to obtain, a Secret Clearance.

Similar jobs