Job Description SummaryWe are seeking an experienced Senior Security Engineer to lead and execute security architecture, design, vulnerability management, and risk analysis across both cloud and on‑premises environments. This role is responsible for ensuring secure‑by‑design implementations, proactive risk identification, and continuous improvement of the enterprise security posture across platforms, infrastructure, and applications.
Key Responsibilities
Security Architecture & Design
Design, review, and govern security architectures for cloud (AWS/Azure/GCP) and on‑prem infrastructure.
Ensure alignment with enterprise security standards, threat models, and regulatory requirements.
Provide security design guidance for new platforms, applications, and services.
Participate in architecture and design reviews to identify risks early and recommend mitigations.
Cloud & Infrastructure Security
Implement and manage cloud security controls including IAM, network security, data protection, logging, and monitoring.
Secure on‑prem environments including servers, networks, virtualization platforms, and hybrid integrations.
Support secure configuration baselines and hardening standards for cloud and on‑prem systems.
Vulnerability Management
Own and drive the vulnerability management lifecycle, including discovery, triage, risk scoring, remediation guidance, and verification.
Analyze scan results and penetration test findings to determine true risk and business impact.
Partner with engineering and infrastructure teams to prioritize remediation efforts.
Risk Analysis & Threat Modeling
Perform security risk assessments, threat modeling, and impact analysis for systems and services.
Translate technical findings into clear risk statements and actionable recommendations.
Support ongoing risk tracking and reporting for leadership and audit readiness.
Security Operations & Governance
Contribute to incident response investigations from a technical analysis perspective.
Support compliance initiatives (e.g., ISO, SOC, HIPAA, IEC 62304, NIST) by providing technical evidence and assessments.
Develop and maintain security standards, patterns, and reference architectures.
Required Qualifications
8–12 years of experience in cyber security engineering, with hands‑on expertise in both cloud and on‑prem environments.
Strong experience with cloud platforms (AWS, Azure, or GCP) and associated security services.
Proven background in security architecture, design reviews, and infrastructure security.
Hands‑on experience with vulnerability scanning tools, risk assessment methodologies, and remediation processes.
Solid understanding of network security, operating system security, and identity and access management.
Strong analytical and communication skills, with the ability to explain security risks to both technical and non‑technical stakeholders.
Preferred Qualifications
Experience working in regulated environments (healthcare, medical devices, finance, or similar).
Familiarity with security frameworks and standards such as NIST, ISO 27001, CIS, OWASP.
Experience with container and Kubernetes security.
Security certifications such as CISSP, CCSP, CISM, or equivalent.
Experience supporting hybrid or large‑scale enterprise environments.
Job DescriptionRoles and Responsibilities
Security Architecture & Design
- Design, review, and govern security architectures for cloud (AWS/Azure/GCP) and on‑prem infrastructure.
- Ensure alignment with enterprise security standards, threat models, and regulatory requirements.
- Provide security design guidance for new platforms, applications, and services.
- Participate in architecture and design reviews to identify risks early and recommend mitigations.
Cloud & Infrastructure Security
- Implement and manage cloud security controls including IAM, network security, data protection, logging, and monitoring.
- Secure on‑prem environments including servers, networks, virtualization platforms, and hybrid integrations.
- Support secure configuration baselines and hardening standards for cloud and on‑prem systems.
Vulnerability Management
- Own and drive the vulnerability management lifecycle, including discovery, triage, risk scoring, remediation guidance, and verification.
- Analyze scan results and penetration test findings to determine true risk and business impact.
- Partner with engineering and infrastructure teams to prioritize remediation efforts.
Risk Analysis & Threat Modeling
- Perform security risk assessments, threat modeling, and impact analysis for systems and services.
- Translate technical findings into clear risk statements and actionable recommendations.
- Support ongoing risk tracking and reporting for leadership and audit readiness.
Security Operations & Governance
- Contribute to incident response investigations from a technical analysis perspective.
- Support compliance initiatives (e.g., ISO, SOC, HIPAA, IEC 62304, NIST) by providing technical evidence and assessments.
- Develop and maintain security standards, patterns, and reference architectures.
Required Qualifications- 8–12 years of experience in cyber security engineering, with hands‑on expertise in both cloud and on‑prem environments.
- Strong experience with cloud platforms (AWS, Azure, or GCP) and associated security services.
- Proven background in security architecture, design reviews, and infrastructure security.
- Hands‑on experience with vulnerability scanning tools, risk assessment methodologies, and remediation processes.
- Solid understanding of network security, operating system security, and identity and access management.
- Strong analytical and communication skills, with the ability to explain security risks to both technical and non‑technical stakeholders.
Preferred Qualifications- Experience working in regulated environments (healthcare, medical devices, finance, or similar).
- Familiarity with security frameworks and standards such as NIST, ISO 27001, CIS, OWASP.
- Experience with container and Kubernetes security.
- Security certifications such as CISSP, CCSP, CISM, or equivalent.
- Experience supporting hybrid or large‑scale enterprise environments.
Education Qualification
For roles outside USA:
Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with advanced experience.
For roles in USA:Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with minimum years of experience4years
Desired CharacteristicsTechnical Expertise:
• Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
• Program and Project Management experience; expertise with Agile development teams
• Experience with secure coding principles; code signing; secure boot
• Experience with penetration testing and ethical hacking
• Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
• Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
• Experienced in developing web services (SOAP/REST)
• Must be available for on call for potential security response
• Knowledge of application risk identification and evaluation techniques
• Knowledge of Cyber Security and full knowledge of multiple related engineering functions
• Experience securing applications within cloud platforms such as AWS, Azure and alike.
• Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment
Note
Note:
To comply with US immigration and other legal requirements, it is necessary to specify the minimum number of years' experience required for any role based within the USA. For roles outside of the USA, to ensure compliance with applicable legislation, the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used.
This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.
We will not sponsor individuals for employment visas, now or in the future, for this job opening.
