Senior Security Engineer

Creative Realities, Inc.

$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field.
  • 5+ years of experience in cybersecurity, cloud security, or security engineering.
  • Experience with SOC 2 Type II, ISO 27001, NIST CSF, or CIS Controls.
  • Strong experience with AWS and Azure cloud security.
  • Familiarity with SIEM, EDR/XDR, IAM, endpoint security, and encryption technologies.
  • Experience with customer audits and security questionnaires.
  • Strong communication skills with technical and business stakeholders.

Responsibilities

  • Maintain and enhance CRI's security program for SOC 2 Type II compliance.
  • Design and enforce security controls across cloud and enterprise systems.
  • Lead vulnerability management and risk prioritization efforts.
  • Manage Identity and Access Management (IAM) strategies.
  • Develop and oversee incident response plans and security investigations.
  • Integrate security practices into the Secure Software Development Lifecycle (Secure SDLC).
  • Conduct security architecture reviews for new services and applications.
  • Manage cloud security monitoring and threat detection tools.
  • Create automation for operational efficiency and compliance.
  • Facilitate customer security reviews and support external audits.
  • Deliver security awareness training and mentor staff on best practices.

Benefits

  • Company paid individual portion of medical, life, and disability insurances.
  • Access to company dental and vision insurance programs.
  • 401(k) with a company match of up to 3%.
  • Paid time off and holiday pay.
Full Job Description
About the Position

The Senior Security Engineer (SSE) is responsible for designing, implementing, and continuously improving the security posture of Creative Realities' cloud infrastructure, enterprise systems, and software platforms. This hands-on technical leadership role partners with Cloud Operations, IT, Engineering, Product, and Client Services to ensure the confidentiality, integrity, and availability of company and customer environments.

The SSE is responsible for maintaining and continuously improving CRI's SOC 2 Type II security program, strengthening cloud security across AWS and Azure, integrating security into the Secure Software Development Lifecycle (Secure SDLC), and leading security operations, incident response, vulnerability management, identity and access management, and security automation initiatives. The SSE will work independently with direction from the VP of Cloud Operations and Security while serving as a trusted security advisor to internal teams and customers.

Key Responsibilities

  • Maintain and continuously improve CRI's security program while supporting ongoing SOC 2 Type II compliance and applicable security frameworks.
  • Design, implement, and enforce security controls across AWS, Azure, and enterprise IT environments.
  • Lead vulnerability management, remediation tracking, and risk prioritization.
  • Manage Identity and Access Management (IAM), including SSO, MFA, privileged access, and least-privilege controls.
  • Develop, maintain, and lead incident response plans, security investigations, post-incident reviews, and forensic activities.
  • Partner with Engineering and Product teams to integrate security throughout the Secure Software Development Lifecycle (Secure SDLC).
  • Lead security architecture reviews for new cloud services, applications, and infrastructure.
  • Manage and improve SIEM, EDR/XDR, cloud security monitoring, and threat detection capabilities.
  • Develop security automation to improve operational efficiency, monitoring, and compliance validation.
  • Support customer security reviews, RFP responses, security questionnaires, and client assessments.
  • Conduct internal security reviews and support external audits.
  • Develop and deliver security awareness training and mentor technical staff on security best practices.
  • Evaluate emerging threats and recommend improvements to CRI's overall security posture.


Education and Experience

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • 5+ years of progressive experience in cybersecurity, cloud security, or security engineering.
  • Experience maintaining mature security programs supporting SOC 2 Type II, ISO 27001, NIST CSF, or CIS Controls.
  • Strong experience securing AWS and Azure cloud environments.
  • Experience with SIEM, EDR/XDR, IAM, vulnerability management, endpoint security, WAF, encryption, and cloud security technologies.
  • Experience supporting customer audits, security questionnaires, and third-party risk assessments.
  • Excellent written and verbal communication skills with both technical and business stakeholders.


Required / Preferred Certifications

Required:

  • CISSP, CISM, or equivalent security certification.


Preferred:

  • AWS Certified Security - Specialty
  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • Certified Cloud Security Professional (CCSP)
  • GIAC security certifications


Key Competencies / Behaviors

  • Professional demeanor with unquestionable integrity
  • Technical leadership and mentoring
  • Excellent problem-solving and analytical thinking
  • Ability to communicate security risks to executive leadership
  • Strong project management and collaboration skills
  • Self-motivated with a continuous learning mindset


Benefits

  • Company paid individual portion of medical, Life, Long and Short-Term Disability insurances;
  • Access to participate in company dental and vision insurance programs;
  • 401(k) program, including company paid match of up to 3% of annual salary; and
  • Paid time off and holiday pay.


Thank you for your interest in Creative Realities! We look forward to hearing from you.

Similar Jobs

More Jobs at Creative Realities, Inc.

More Information Technology Jobs

Find similar Senior Security Engineer jobs: