Information Security Engineer

Our fast-paced, highly collaborative IT team is seeking an Information Security Engineer to help improve our security capabilities and streamline security operations. This is a hands-on role for someone with broad technical experience across multiple security domains with the flexibility and independence to help shape our long-term security direction. As we increasingly incorporate AI into our security workflows, this person will play a key role in evaluating and implementing AI-driven automation to improve how our team operates. 

This role requires on-site presence at our South Lake Union office in downtown Seattle on a hybrid basis. 

• →Architect and enforce identity and access control, device security, data protection, NGFW, email, SASE, and AI security
• →Design and own vulnerability and configuration management across network, endpoint, cloud, and applications
• →Build and maintain detection capabilities including XDR, MDR, SIEM, logging, and cloud security (SaaS/Azure/AWS)
• →Translate findings from security operations and incident response into tool architecture and workflow automation improvements
• →Participate in security operations and incident response, including on-call rotation for after-hours incident handling, limited forensics, and ticketing
• →Manage risk register, security awareness, and human risk tool configurations
• →Work cross-functionally with IT, Engineering, and business stakeholders to align security initiatives with business needs
• →Document processes, configurations, and decisions to build durable institutional knowledge

• →Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or equivalent practical experience
• →5+ years of experience in a security engineering, security operations, or equivalent technical role
• →Experience with security operations, including prevention, detection, and response techniques
• →Proficiency in scripting, threat hunting, KQL, and security automation
• →Experience leading information security incident response efforts
• →Strong communication skills, with the ability to translate technical risk into business-relevant language for technical and non-technical audiences 

This position has access to technologies or data subject to U.S. export control regulations. Under these laws, the release or transfer of export-controlled items or information to individuals who are not classified as "U.S. persons" (as defined by Immigration & Nationality Act) may require prior authorization from the U.S. government. We may require additional documentation related to national identity to determine whether an export compliance license is required for any export-controlled items. This information is requested solely for the purpose of complying with U.S. export control laws and will not be used for other purposes. Learn more about export compliance here.