Job Description
As a Senior Security Engineer, you will play a key role in ensuring the security of our infrastructure, products, and services. You will work closely with engineering and product teams to design, implement, and monitor security measures that protect our company and our customers. Your expertise will be critical in identifying vulnerabilities, responding to incidents, and driving a security-first culture across the organization.
Responsibilities
- Lead the design and implementation of security solutions to protect systems, networks, and applications.
- Identify and mitigate potential security vulnerabilities and risks across all company platforms.
- Conduct regular security audits, vulnerability assessments, and penetration testing.
- Collaborate with engineering teams to integrate security practices into the software development lifecycle.
- Respond to and manage security incidents, including root cause analysis and resolution.
- Develop and maintain security tools, scripts, and processes to enhance operational security.
- Stay current on the latest security trends, threats, and technologies and ensure the company is protected against emerging risks.
- Provide mentorship and guidance to junior security engineers and collaborate cross-functionally to improve overall security awareness.
- Participate in the development and enforcement of security policies and standards.
- Maintain compliance with security frameworks and industry best practices (e.g., NIST, ISO 27001, SOC 2).
Preferred Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
- 5+ years of experience in a security engineering or related role, with a strong background in securing complex systems and applications.
- Expertise in security protocols, encryption technologies, firewalls, intrusion detection systems, and vulnerability management.
- Hands-on experience with cloud security (AWS, Azure, GCP) and container security (Kubernetes, Docker).
- Proficient in security tools such as Wireshark, Nessus, Burp Suite, or similar.
- Experience with scripting languages like Python, Bash, or PowerShell.
- Strong understanding of application security principles (OWASP Top 10, Secure Software Development Lifecycle).
- Ability to conduct threat modeling and risk assessments and develop mitigation strategies.
- Strong knowledge of incident response, forensics, and security monitoring.
- Excellent communication and collaboration skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
- Relevant security certifications (e.g., CISSP, CISM, CEH, OSCP) are a plus.
Benefits
- Flexible work schedule and remote work options.
- Opportunity for professional growth and development.
- Collaborative and supportive work environment.