Senior Security Engineer

The Security Engineer is responsible for building, maintaining, and improving defensive security measures, tools, and processes that protect systems, applications, and data. This role works closely with the Security, DevOps, and Engineering teams to proactively identify risks, remediate vulnerabilities, and strengthen the overall security posture of the organization.

Key Responsibilities:

- Maintain and enhance intrusion detection and prevention systems (IDS/IPS).
- Support the vulnerability management lifecycle, including scanning, triage, remediation, and reporting.
- Develop and maintain security automation scripts and tooling to improve efficiency and reduce manual work.
- Partner with SOC Analysts during incident response to investigate, contain, and remediate threats.
- Collaborate with DevSecOps engineers to secure CI/CD pipelines, containers, and cloud infrastructure.
- Conduct regular security assessments of infrastructure, applications, and configurations.
- Assist in implementing and maintaining endpoint security controls and monitoring solutions.
- Research emerging threats, attack techniques, and security tools, applying them to strengthen defenses.
- Document security standards, procedures, and response playbooks.

Required Qualifications:

- Experience in security engineering, system administration, or related roles.
- Solid understanding of network security concepts (firewalls, IDS/IPS, proxies, VPNs).
- Experience with vulnerability management tools and processes.
- Strong scripting skills in Python, Bash, or PowerShell for automation and tooling.
- Familiarity with cloud platforms (AWS, Azure, or GCP) and securing cloud-native services.
- Hands-on experience with endpoint security tools and monitoring solutions.
- Strong analytical and problem-solving skills with the ability to think like an attacker.

Preferred Qualifications (Nice-to-Haves): Experience securing containerized workloads (Docker, Kubernetes); knowledge of compliance frameworks (PCI-DSS, SOC 2, NIST, ISO 27001); familiarity with SIEM solutions and log analysis; and experience with Infrastructure as Code (Terraform, CloudFormation).

Join us!