About the PositionThe Senior Security Engineer (SSE) is responsible for designing, implementing, and continuously improving the security posture of Creative Realities' cloud infrastructure, enterprise systems, and software platforms. This hands-on technical leadership role partners with Cloud Operations, IT, Engineering, Product, and Client Services to ensure the confidentiality, integrity, and availability of company and customer environments.
The SSE is responsible for maintaining and continuously improving CRI's SOC 2 Type II security program, strengthening cloud security across AWS and Azure, integrating security into the Secure Software Development Lifecycle (Secure SDLC), and leading security operations, incident response, vulnerability management, identity and access management, and security automation initiatives. The SSE will work independently with direction from the VP of Cloud Operations and Security while serving as a trusted security advisor to internal teams and customers.
Key Responsibilities- Maintain and continuously improve CRI's security program while supporting ongoing SOC 2 Type II compliance and applicable security frameworks.
- Design, implement, and enforce security controls across AWS, Azure, and enterprise IT environments.
- Lead vulnerability management, remediation tracking, and risk prioritization.
- Manage Identity and Access Management (IAM), including SSO, MFA, privileged access, and least-privilege controls.
- Develop, maintain, and lead incident response plans, security investigations, post-incident reviews, and forensic activities.
- Partner with Engineering and Product teams to integrate security throughout the Secure Software Development Lifecycle (Secure SDLC).
- Lead security architecture reviews for new cloud services, applications, and infrastructure.
- Manage and improve SIEM, EDR/XDR, cloud security monitoring, and threat detection capabilities.
- Develop security automation to improve operational efficiency, monitoring, and compliance validation.
- Support customer security reviews, RFP responses, security questionnaires, and client assessments.
- Conduct internal security reviews and support external audits.
- Develop and deliver security awareness training and mentor technical staff on security best practices.
- Evaluate emerging threats and recommend improvements to CRI's overall security posture.
Education and Experience- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- 5+ years of progressive experience in cybersecurity, cloud security, or security engineering.
- Experience maintaining mature security programs supporting SOC 2 Type II, ISO 27001, NIST CSF, or CIS Controls.
- Strong experience securing AWS and Azure cloud environments.
- Experience with SIEM, EDR/XDR, IAM, vulnerability management, endpoint security, WAF, encryption, and cloud security technologies.
- Experience supporting customer audits, security questionnaires, and third-party risk assessments.
- Excellent written and verbal communication skills with both technical and business stakeholders.
Required / Preferred CertificationsRequired:
- CISSP, CISM, or equivalent security certification.
Preferred:
- AWS Certified Security - Specialty
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Certified Cloud Security Professional (CCSP)
- GIAC security certifications
Key Competencies / Behaviors- Professional demeanor with unquestionable integrity
- Technical leadership and mentoring
- Excellent problem-solving and analytical thinking
- Ability to communicate security risks to executive leadership
- Strong project management and collaboration skills
- Self-motivated with a continuous learning mindset
Benefits- Company paid individual portion of medical, Life, Long and Short-Term Disability insurances;
- Access to participate in company dental and vision insurance programs;
- 401(k) program, including company paid match of up to 3% of annual salary; and
- Paid time off and holiday pay.
Thank you for your interest in Creative Realities! We look forward to hearing from you.