Jobs · Information Technology · Florida

Senior Security Engineer II

Compass · Aventura, FL · 3 days ago
Information TechnologyFull-time

About the role

This role blends strategic partnership, hands-on engineering, infrastructure security, and automation. The Senior Security Engineer, Cloud Security will empower engineers with safe-by-default tooling, ensuring engineering velocity by automating security requirements and building robust guardrails. They will design and implement scalable systems and controls to secure our cloud infrastructure effectively. They will collaborate closely with engineering and security teams to drive the deployment of critical security enhancements and control changes across our cloud infrastructure.

Responsibilities

  • Empower engineers with safe-by-default tooling, ensuring engineering velocity by automating security requirements and building robust guardrails.
  • Design and implement scalable systems and controls to secure our cloud infrastructure effectively.
  • Collaborate closely with engineering and security teams to drive the deployment of critical security enhancements and control changes across our cloud infrastructure.
  • Build enduring, high-trust partnerships with colleagues across the Engineering organization.
  • Absorb and respond to security events, then work with teams to guide and improve their security practices.
  • Conduct security assessments for third-party integrations and emerging AI tools, ensuring that business productivity does not compromise data integrity or compliance.

Requirements

This role requires at least 5+ years of experience in a security-related role, with at least 2+ years specifically focused on cloud security. The ideal candidate should possess a proactive mindset, adept at identifying and resolving security gaps or inefficiencies through innovative automation and tooling. Expertise in securing cloud platforms, particularly AWS and Azure, is essential. Strong analytical and problem-solving skills, with the ability to critically and objectively assess complex security risks, are also required. The candidate should be comfortable guiding and educating development teams to achieve stronger security outcomes. Experience with threat modeling and architectural review processes; you have a track record of identifying potential attack vectors early in the development lifecycle, is a plus.

Qualifications

  • Experience: At least 5+ years of experience in a security-related role, with at least 2+ years specifically focused on cloud security.
  • Technical Skills: Strong understanding of cloud platforms and security features, particularly AWS (IAM, EC2, VPC, container services like ECR, ECS, and EKS), with foundational knowledge of Azure and/or GCP. Proven experience with a CNAPP or similar cloud security tool (e.g., Wiz, Orca Security, Lacework, Upwind). Proficiency in at least one programming language (e.g., Python, Go) for automation. Knowledge of core security principles such as the principle of least privilege, defense-in-depth, and security monitoring. Familiarity with containerization technologies (Docker) and orchestration platforms (Kubernetes).
  • Nice to Have: Experience with GCP, OCI and multi-cloud networks and infrastructure, especially when designing cloud-agnostic systems.

Skills

  • Automation is your default approach to security.
  • You understand the unique challenges of securing systems at scale and consistently leverage automation to solve them.
  • You possess a proactive mindset, adept at identifying and resolving security gaps or inefficiencies through innovative automation and tooling.
  • You have expertise in securing cloud platforms, particularly AWS and Azure.
  • You have strong analytical and problem-solving skills, with the ability to critically and objectively assess complex security risks.
  • You are excited to collaborate with cross-functional teams to build secure, reliable, and scalable systems.
  • You can clearly communicate complex security vulnerabilities and remediation techniques to diverse audiences.
  • You are comfortable guiding and educating development teams to achieve stronger security outcomes.
  • You have experience with threat modeling and architectural review processes; you have a track record of identifying potential attack vectors early in the development lifecycle.

Benefits

  • Participation in our incentive programs (which may include eligible cash, equity, or commissions).
  • Paid vacation, holidays, sick time, parental leave, and recharge leave.
  • Medical, tele-health, dental and vision benefits.
  • 401(k) plan.
  • Flexible spending accounts (FSAs).
  • Commuter program.
  • Life and disability insurance.
  • Maven (a support system for new parents).
  • Carrot (fertility benefits).
  • UrbanSitter (caregiver referral network).
  • Employee Assistance Program.
  • Pet insurance.

Similar jobs

Senior Security Engineer II

BerryDunn — Assurance, Tax and ConsultingUnited States· 3 mo ago
RemoteInformation Technology$155k–$180k/yrapply on careers-berrydunn.icims.com