Senior Cyber Security Engineer (Full-time – Remote – USA)

Remote
Posted 4 days ago

A security MSSP focused on protecting organizations from sophisticated email attacks like phishing, business email compromise, and account takeovers is on the hunt for a visionary Senior Cyber Security Engineer to help build the next generation of security capabilities at scale. This full-time, remote position in the USA is a senior individual contributor (IC)-level role that perfectly blends deep technical security expertise with strong engineering fundamentals. You’ll be instrumental in building integrations between infrastructure and security tooling, automating crucial security workflows, and partnering with cloud and platform engineering teams to harden the cloud environment.

As a technical lead, you’ll own the architecture and development of systems that enhance both preventative guardrails and detective capabilities, all while ensuring security is a proactive partner to stakeholders. You’ll also mentor junior engineers, act as a vital technical liaison across teams, and contribute directly to keeping our client’s platforms and customers secure. This is the ideal role for engineers who are intellectually curious and highly motivated to bridge the gap between security principles and practical engineering execution.


Who You Are: A Security-Minded Engineering Leader

You’re an intellectually curious, solution-focused engineer with a strong security mindset who thrives in fast-paced environments. You are:

  • A technical leader who can architect scalable security solutions while maintaining engineering velocity.
  • Someone who thinks like an attacker but builds like a defender, possessing a deep understanding of both offensive and defensive security principles.
  • A collaborative engineer who can seamlessly translate complex security requirements into actionable engineering tasks.
  • A dedicated mentor who genuinely enjoys teaching security best practices and automation techniques to junior engineers, fostering their growth and expertise.

What You Will Do: Architecting and Automating Cloud Security at Scale

As a Senior Cyber Security Engineer, your responsibilities will involve a strategic blend of security architecture, hands-on automation, incident response, and continuous improvement, all focused on strengthening cloud security within a dynamic environment.

  • Lead Threat Modeling and Security Design Discussions: You’ll take the lead in threat modeling and security design discussions with platform teams. This involves proactively identifying potential threats and vulnerabilities in new and existing systems, and meticulously translating these risks into actionable engineering tasks and secure architectural designs. Your input ensures security is embedded from the earliest stages of development.
  • Build Scalable Preventative Controls via Infrastructure-as-Code (IaC): You will collaborate extensively with Platform, Infrastructure, and DevOps teams to build scalable preventative controls primarily leveraging Infrastructure-as-Code (IaC). This includes using Terraform as a primary tool, with experience in CloudFormation also being welcome. Your work will ensure security guardrails are automatically enforced, preventing misconfigurations and vulnerabilities at scale.
  • Evaluate and Uplift Security Tooling: You’ll be responsible for meticulously evaluating and uplifting existing security tooling across both commercial and cloud-native capabilities. Your focus will be on enhancing their scale, efficiency, and precision, ensuring that the security team has the most effective and performant tools to detect, prevent, and respond to threats across a large, dynamic environment.
  • Mentor and Support Junior Engineers: You will play a crucial role in mentoring and supporting junior engineers by sharing your deep expertise in automation best practices, secure architecture principles, and tooling integrations. Your guidance will foster their professional development and contribute to the overall strength and capability of the engineering teams.
  • Design and Deploy Automation Workflows for Incident Response: You will architect, design, and deploy advanced automation workflows to significantly enhance incident response capabilities. This involves building systems that can automatically correlate security signals, enrich alerts with contextual information, and auto-remediate known failure patterns, minimizing manual intervention and accelerating response times during security incidents.
  • Architect, Build, and Maintain Integrations: You will architect, build, and maintain crucial integrations between cloud-native infrastructure and various security tooling. This includes seamlessly connecting cloud services with SIEM (Security Information and Event Management) systems for centralized logging and analysis, SOAR (Security Orchestration, Automation, and Response) platforms for automated responses, and IAM (Identity and Access Management) tooling for robust access controls.
  • Serve as a Hands-on Technical Contributor During Security Incidents: You will serve as a vital hands-on technical contributor during security incidents. This involves actively participating in incident response efforts by meticulously tracing system-level behavior, performing forensic analysis, identifying root causes, and contributing to the enhancement of response processes to improve future incident handling.
  • Stay Current with Emerging AI Platforms: You will proactively stay current with emerging AI platforms, including generative AI models and related technologies. This involves evaluating their security implications, assessing their business applicability, and planning for their secure integration into the existing infrastructure.
  • Partner with Cloud Infrastructure Teams on Security Controls: You will actively partner with cloud infrastructure teams to implement and maintain security controls across AWS accounts and services. This collaborative effort ensures consistent security configurations, adherence to best practices, and robust protection of cloud resources against evolving threats.
  • Build Security Telemetry Pipelines and Log Correlation: Prior experience in building security telemetry pipelines or log correlation frameworks is a highly desirable skill. This involves designing and implementing systems that efficiently collect, process, and analyze security logs from various sources to detect anomalies and identify potential threats.
  • Integrate Security Checks into Developer Workflows: Familiarity with CI/CD (Continuous Integration/Continuous Delivery) systems and experience in integrating security checks into developer workflows is beneficial. This includes implementing automated security testing (SAST/DAST), vulnerability scanning, and policy enforcement directly into the development pipeline, shifting security left.

Must-Haves: Your Core Security Engineering Arsenal

To excel as a Senior Cyber Security Engineer, you’ll need extensive experience in security engineering, deep cloud expertise, strong programming skills, and a solid understanding of security tooling and practices.

  • Proven Delivery in Security Engineering or Infrastructure Security: You must have a proven track record of successful delivery in security engineering or infrastructure security roles, ideally within cloud-native environments. This demonstrates your practical ability to design, build, and implement robust security solutions in modern, scalable infrastructures.
  • Hands-on AWS Native Tooling Expertise: You bring extensive hands-on experience with AWS Native tooling, specifically including:
    • IAM (Identity and Access Management): For managing user identities and access controls.
    • KMS (Key Management Service): For managing cryptographic keys.
    • Config: For compliance auditing and configuration management.
    • Lambda: For serverless compute in automation.
    • EKS (Elastic Kubernetes Service): For managed Kubernetes services.
    • A strong working knowledge of Azure and GCP is also highly valued, indicating multi-cloud familiarity.
  • Strong Scripting and Dev Skills: You possess strong scripting and development skills in Python and/or Go. This coding proficiency is essential for building automation tools, security utilities, and integrating diverse systems. You also have proven proficiency with Git for version control, Linux for system administration, and a solid understanding of infrastructure automation patterns.
  • Expertise in Integrating/Building Security Tooling: You have expertise in integrating or building tooling for critical security platforms. This includes SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), vulnerability management, and CSPM (Cloud Security Posture Management) platforms. Your experience ensures these tools are effectively deployed and utilized.
  • Experience Deploying Security Controls via Infrastructure-as-Code (IaC): You have proven experience deploying security controls via Infrastructure-as-Code (IaC), specifically using Terraform or CloudFormation. This demonstrates your ability to define and manage security configurations declaratively and automate their deployment.
  • Comfort with Incident Analysis and Logging: You are comfortable investigating logs, tracing events, and contributing to incident analysis workflows. This indicates strong diagnostic skills and familiarity with security incident response processes.
  • Proven Cross-Functional Influence and Collaboration: You have a proven ability to influence and collaborate cross-functionally with engineering, infrastructure, and IT teams. Your communication and interpersonal skills enable seamless teamwork and drive shared security objectives.
  • Strong Written Communication and Documentation Skills: You possess strong written communication and documentation skills, with the ability to convey complex designs clearly and concisely. This is crucial for creating robust architectural diagrams, security policies, and operational procedures.
  • Experience with Container Orchestration Security: You bring a strong background with using and securing container orchestration platforms like Kubernetes, including expertise in workload security (e.g., Pod Security Standards) and service mesh controls (e.g., Istio, Linkerd) for secure microservices communication.

Nice to Have: Enhancing Your Security Engineering Profile

  • Startup Environment Experience: Experience working in fast-paced or startup environments with sometimes ambiguous ownership lines, demonstrating adaptability and resilience.
  • JavaScript or TypeScript Familiarity: Familiarity with JavaScript or TypeScript, particularly in the context of DevOps tooling or plugins.
  • Commercial Cloud Security Tools: Hands-on experience with commercial Cloud Security tools like CNAPP (Cloud-Native Application Protection Platform), CSPM (Cloud Security Posture Management), DSPM (Data Security Posture Management), and KSPM (Kubernetes Security Posture Management).
  • Compliance Frameworks Exposure: Exposure to compliance frameworks such as SOC 2 and ISO 27001, and an understanding of how engineering decisions affect auditability.

Compensation & Benefits: Rewarding Your Expertise

Certain roles are eligible for a bonus, restricted stock units (RSUs), and comprehensive benefits. Individual compensation packages are based on factors unique to each candidate, including their skills, experience, qualifications, and other job-related reasons. The base salary range for this position is $175,000—$200,000 USD. For positions based in San Francisco/New York, the base pay range is $191,300—$225,050 USD.


If this Senior Cyber Security Engineer role aligns with your passion for building scalable security capabilities, your expertise in cloud-native environments and automation, and your drive to bridge security principles with engineering execution, we encourage you to learn more about this exciting full-time, remote opportunity.

Are you ready to think like an attacker but build like a defender for a leading AI security firm?

Job Features

Job Category: IT, Security
