About the Role
Amynta is seeking a skilled Security Engineer / Architect to join our infrastructure team. This role is focused on strengthening the security of our systems, applications, and infrastructure as we navigate ever-changing threats in today's environment. In this position, you will partner with IT Security, Application Development, and engineering teams to implement and maintain security controls throughout our environment.
Key ResponsibilitiesCloud Security- Implement and enforce security controls in cloud environments (AWS, Azure, and/or GCP).
- Review and harden cloud configurations, governance, IAM policies, and resource permissions.
- Monitor cloud environments using CSPM tools and respond to misconfigurations and alerts.
- Support secure architecture design for cloud-native and hybrid workloads.
Network Security- Provide oversight and architectural guidance for firewalls, IDS/IPS systems, VPNs, and network segmentation controls.
- Review and approve firewall rules, network policies, and security device configurations to ensure alignment with security standards.
- Conduct regular vulnerability assessments on network infrastructure and oversee remediation by relevant teams.
- Define and enforce network access control policies and zero-trust principles across the organization.
Application Security- Champion and enforce secure development practices, ensuring development teams adhere to security principles throughout the SDLC.
- Define and maintain application security standards, policies, and guidelines for development teams to follow.
- Conduct periodic application security assessments and coordinate with teams on risk prioritization.
Infrastructure Security- Primary owner for execution of infrastructure remediation workstreams (patching/hardening/logging changes) and maintaining delivery cadence.
- Own the external-facing findings workflow end-to-end (triage 12 ticketing 12 change control 12 validation) under Infrastructure leadership working with IT Security team.
- Harden on-premises servers, endpoints, and critical services (e.g., Active Directory, Exchange, DNS).
- Track the existing patch management processes and ensure we are compliant.
- Evaluate security control around AI usage.
- Oversee data and SQL security practices, ensuring proper access controls, query validation, and protection against injection attacks and unauthorized data exposure.
- Build/maintain infra security standards/runbooks for Infrastructure teams and ensure ongoing compliance.
QualificationsRequired- 315 years of experience in an information security or security engineering role.
- Hands-on experience with network security tools (firewalls, IDS/IPS, VPN, network monitoring).
- Familiarity with application security practices, OWASP Top 10, and common vulnerability types.
- Experience securing cloud environments in AWS, Azure, or GCP.
- Working knowledge of Windows and Linux system hardening and administration.
- Experience with SIEM platforms and log analysis (e.g., Splunk, Microsoft Sentinel, Elastic).
- Strong understanding of authentication protocols, TLS/SSL, PKI, and access management.
- Ability to communicate security risks clearly to both technical and non-technical audiences.
Preferred- Relevant certifications such as Security+, CEH, OSCP, AWS Security Specialty, or CISSP (Associate).
- Experience with DevSecOps and embedding security into CI/CD pipelines.
- Familiarity with compliance frameworks such as NIST CSF, ISO 27001, SOC 2, or CIS Benchmarks.
- Scripting or automation skills in Python, PowerShell, or Bash.
- Experience with endpoint detection and response (EDR) tools.
Compensation Range: $110,000 - $145,000 and will depend on several factors including relevant experience, skills and knowledge pertaining to this role and industry.