Job Description

We’re looking for a Senior Security Engineer to serve as a key technical leader on our Infrastructure Security Operations team. This role owns the day-to-day security of our multi-region AWS environment, including security tooling, incident response, vulnerability management, and automation.

You’ll write code to eliminate manual work, leverage AI-native tools to improve efficiency, and help raise the technical bar across a growing team. In addition to operational ownership, you’ll support security metrics, compliance, and executive/board reporting.

This role requires occasional after-hours support for critical security incidents and reports directly to the CISO.

How you’ll make an impact:

Secure and Operate the Cloud Environment

• Own cloud security posture across multi-region AWS environments — continuously assess, harden, and improve
• Operate the full security toolset: CSPM, SIEM, vulnerability management, network security, ZTNA, DLP, EDR, and endpoint management
• Drive the vulnerability management lifecycle end to end: scan cadence, prioritization, remediation SLAs, and reporting
• Manage identity and access infrastructure in collaboration with IT, spanning MFA, IAM, IGA, privileged access, and credential management
• Lead the buildout of a Privileged Access Management (PAM) program
• Support ongoing cloud migration security workstreams
• Monitor threat intelligence and external attack surface signals; translate findings into prioritized action

Lead and Respond to Incidents

• Serve as a primary responder for security incidents — triage, contain, eradicate, and recover with urgency and discipline
• Own incident response process maturity: playbook development, evidence chain of custody, forensic readiness, and post-incident reviews
• Be available for occasional after-hours response when critical incidents arise

Build, Automate, and Elevate the Team

• Set the coding and AI standard for the InfraSecOps team — write tools, automate workflows, and actively mentor peers in modern security engineering practices
• Build and maintain automation for alert triage, compliance evidence collection, asset inventory, and security metrics
• Develop API integrations between security tools to eliminate manual handoffs and improve data fidelity
• Contribute to security-as-code practices: IaC security reviews, CI/CD pipeline hardening, and software supply chain controls
• Champion AI-native tooling across the team; evaluate and implement AI-assisted detection, threat hunting, and response capabilities
• Build and contribute to Agentic AI frameworks within the security program
• Stay current on AI security risks — prompt injection, model abuse, shadow AI — and turn awareness into practical controls

Own the Security Program Within Your Domain

• Maintain the security program roadmap and key results for your domain, including compliance attestation timelines and remediation SLA adherence
• Track and mature the security tool portfolio: monitor adoption, measure effectiveness, and drive continuous improvement
• Maintain risk registers and GRC platforms; ensure findings are triaged and resolved within SLA
• Coordinate audit evidence collection for SOC 2 Type II, PCI DSS 4.0, and CyberEssentials+
• Contribute to executive and board-level security reporting — translate operational data into clear program narratives
• Drive cross-functional follow-through with Engineering, IT, Data, and PMO on security workstreams

What you’ll need to succeed:

•       5+ years in security engineering, security operations, or a combined SecOps/program role

•       Must be authorized to work in the United States and be US-based

•       Hands-on experience operating cloud security tooling in AWS environments

•       Proficiency in at least one scripting or programming language — Python strongly preferred

•       Experience building dashboards, writing queries, and tuning alerts in a SIEM platform

•       Strong working knowledge of vulnerability management and incident response lifecycles

•       Experience supporting compliance frameworks: SOC 2, PCI DSS, or equivalent

•       Demonstrated use of AI and ML tooling in a professional security context

•       Track record of mentoring or upskilling peers in technical disciplines

•       Strong written communication skills — equally effective writing for engineers and executives

•       Comfortable with occasional after-hours availability for critical security incidents

What would make you stand out:

•       Experience with GRC platforms: compliance automation, risk management, or audit evidence tooling

•       Exposure to IGA and PAM concepts and tooling

•       Security certifications: CISSP, CISM, AWS Security Specialty, or GIAC (GCIH, GCED, or similar)

•       Background in fintech, lending, or regulated financial services

•       Contributions to security tooling, open-source projects, or internal platform engineering

•       Experience with SOAR platforms or automated response workflows

Why Join Us:

• Generous paid time off

• Competitive medical, dental & vision coverage

• 401K with company match for US

• Company-paid life insurance

• Company-paid short-term and long-term disability

• Access to mental health and wellness resources

• Company-paid volunteer time to do good in your community

• Legal coverage and other supplemental options

• A value-based culture where growth opportunities are endless