Senior Security Engineer
The Role
As a Senior Security Engineer, you'll harden the security posture of our AWS environment and our software development pipeline. Cloud Security and vulnerability management in Wiz are the primary focus.
You'll partner with DevOps, Engineering, and our Application Security Engineer to build preventative controls across infrastructure, identity, and CI/CD. The work is hands-on: configuring tooling, reviewing architecture, hardening pipelines, and supporting application security work where your range is needed.
Key Responsibilities
- Own cloud security posture across our AWS environment using Wiz and AWS-native services, reducing risk across IAM, network segmentation, container security, secrets, and data exposure.
- Establish secure defaults in our Infrastructure as Code through reusable modules, guardrails, and policy as code.
- Harden CI/CD pipelines in partnership with DevOps.
- Run vulnerability management across cloud and application findings: intake, prioritization, SLA tracking, and remediation with engineering.
- Build automation that scales the program: ingestion, deduplication, prioritization, and developer-facing workflows.
- Instrument telemetry, alerting, and runbooks for the systems you own.
- Operate and tune our WAF: managed and custom rules, rate limiting, and bot mitigation.
Requirements
- 5+ years of hands-on security engineering across cloud security and vulnerability management.
- Strong AWS security background: IAM, networking, container orchestration, and logging and audit.
- Hands-on experience securing CI/CD pipelines and Infrastructure as Code; Terraform required.
- Experience running or substantially contributing to a vulnerability management program.
- Working knowledge of OWASP Top 10 and threat modeling.
- Operates independently and drives projects without day-to-day oversight.
Nice to Have
- Experience with our stack: Wiz, Cloudflare (WAF, Gateway, Zero Trust), GitHub Advanced Security, Spacelift, and AWS-native services.
- Hands-on WAF experience in production: writing and tuning rules, managing false positives, responding when something gets through.
- AI/ML security exposure: prompt injection, data poisoning, model abuse, and the controls that mitigate them.
- Secrets management platforms (AWS Secrets Manager, Keeper, Infisical).
- Identity security across human and non-human identities.
- PCI-regulated or financial services environment.
- Familiarity with Ruby on Rails, Python, or Go.
Pay
The base annual salary range is listed below. This role is eligible for additional incentives, including an annual bonus.
Base Salary Range
$140,000 - $165,000 USD
Benefits
- Considerable employer contributions for health, dental, and vision programs
- Generous PTO, paid holidays, and paid parental leave
- 401(k) matching program
- Merit advancement opportunities
- Career development & training
Why Join Us?
While you make a difference for others, we’ll work to make a difference for you, providing an uplifting, collaborative work environment and benefits that reflect your value to us.