Security Engineer

POSITION SUMMARY: is responsible for implementing and maintaining security systems and practices that protect the organization’s cloud-native infrastructure, applications, and data. 

DUTIES AND RESPONSIBILITIES

• Implement and manage security solutions including cloud security controls, SIEM, endpoint protection, and traditional security solutions (e.g., firewalls, IDS/IPS) to support our hybrid environment.

• Monitor networks and systems for security breaches, analyze security alerts, and respond to incidents in a timely manner.

• Collaborate with Engineering teams to integrate security into the software development lifecycle (DevSecOps).

• Review and enhance identity and access management (IAM) strategies, including zero trust and least-privilege models.

• Support compliance efforts with standards such as SOC 2.

• Provide guidance during secure architecture reviews.

• Stay current with emerging threats, vulnerabilities, and technologies and provide recommendations for improvement.

REQUIRED QUALIFICATIONS

• Bachelor’s degree in Computer Science, Information Security, or equivalent practical experience.

• 5+ years of dedicated experience in a cloud-first or equivalent environment, focusing on securing cloud platforms (e.g., AWS, GCP, Azure).

• Strong understanding of security architecture, networking, system hardening, and encryption.

• Experience with  security models of containerized systems (ECS or Kubernetes)..

• Familiarity with AWS security tools and services (IAM, VPCs, GuardDuty, etc.).

• Knowledge of scripting or automation languages (e.g., Python, Bash, PowerShell).

• Excellent problem-solving and communication skills.

PREFERRED QUALIFICATIONS

• AWS Security Specialty, Azure Security Engineer Associate, or equivalent cloud security certification, alongside professional certifications such as CEH or CompTIA Security+.

• Experience in a regulated environment or with audit preparation (e.g., SOC 2, FedRAMP, FCRA, GLBA, or PCI-DSS).

• Familiarity with infrastructure as code (IaC) tools..

• Experience with container security practices.