Sr Information Security Engineer (Hybrid - Sandy, UT)

About The Position

Requirements

• 5+ years of experience in Information Security, Application Security, Security Engineering, or a related field
• Strong understanding of modern security principles, frameworks, and best practices
• Experience securing cloud environments, particularly AWS
• Experience implementing and managing identity and access management controls
• Strong understanding of application security concepts including authentication, authorisation, encryption, secure coding practices, and common attack vectors
• Experience performing vulnerability assessments and managing remediation programs
• Familiarity with common security tools including vulnerability scanners, endpoint security solutions, SIEM platforms, and security monitoring tools
• Experience integrating security controls into CI pipelines and development workflows
• Strong scripting or automation skills using Python, Bash, or similar languages
• Understanding of networking concepts including firewalls, VPNs, DNS, TLS, routing, and network segmentation
• Experience investigating and responding to security incidents
• Strong communication skills with the ability to collaborate effectively across technical and non-technical teams
• Demonstrated ability to independently lead technical initiatives and drive outcomes
• Must have valid work authorization in the United States at the time of application. Visa applications of any kind will not be considered.

Nice To Haves

• Experience with Kubernetes and container security
• Experience with DevSecOps practices and tooling
• Experience securing SaaS platforms and customer-facing cloud services
• Familiarity with compliance frameworks such as SOC 2, ISO 27001, NIST CSF, or CIS Controls
• Experience performing threat modelling and security architecture reviews
• Experience with Infrastructure as Code security tools and cloud security posture management platforms
• Experience supporting embedded systems, networking products, or IoT devices
• Experience mentoring engineers and leading security initiatives

Responsibilities

• Design, implement, and maintain security controls across cloud, SaaS, and on-premises environments
• Partner with engineering teams to embed security into the software development lifecycle and CI processes
• Lead vulnerability management activities, including identification, prioritization, remediation tracking, and reporting
• Conduct security assessments, threat modelling, and risk analysis for products, infrastructure, and new initiatives
• Develop and maintain security tooling, automation, and monitoring capabilities
• Drive adoption of secure coding practices and provide guidance to engineering teams on security-related issues
• Monitor, investigate, and respond to security incidents, coordinating remediation activities where required
• Implement and manage cloud security controls across AWS and Azure environments
• Develop and maintain security policies, standards, and technical security guidelines
• Support compliance initiatives and security audits by providing technical expertise and evidence
• Evaluate emerging threats and recommend improvements to security architecture and processes
• Contribute to security awareness and education initiatives across the organization
• Mentor engineers and help raise the overall security capability of the engineering organization

Benefits

• short-term incentive program
• new hire stock award
• paid parental leave
• open (uncapped) PTO
• hybrid work environment
• competitive medical, health & wellbeing and compensation offerings