Infrastructure Security Engineer

Observe, Inc.•San Mateo, CA

32d

About The Position

At Observe, we’re building next-generation systems in a high-growth environment. As a Security Engineer, you will focus on one primary goal: improving security outcomes without adding friction. You will shape identity and access patterns, strengthen detection/response, streamline vulnerability and configuration management, and make audit readiness a natural output of daily operations. You’ll collaborate closely with IT and Infrastructure to translate security requirements into clear standards, automation, and documentation—so developers focus on solving complex problems, not wrestling with security hurdles. You will manage priorities, deadlines, and deliverables across teams, lead design and playbook reviews, and champion simple, scalable practices that raise the bar for engineering excellence.

Requirements

Bachelor’s degree or equivalent practical experience.
3+ years in security engineering or networking or a blended role across IAM, detections/monitoring, incident response, vulnerability/configuration management, and GRC.
Strong understanding of identity models, least privilege, and access review processes across cloud and SaaS environments.
Experience writing clear runbooks/playbooks and partnering with IT/Infrastructure to operationalize changes.
Familiarity with cloud security fundamentals, CI/CD concepts, and infrastructure-as-code principles.
Ability to translate risk into prioritized, incremental improvements with measurable outcomes.

Nice To Haves

Demonstrated reduction of alert noise and duplicate findings through rule tuning, routing, and suppression.
Proven implementation of just-in-time administrative access, break-glass pathways, and periodic access reviews.
Experience orchestrating incident response and delivering durable, engineering-owned remediations.
Hands-on alignment of operations with SOC 2/ISO 27001 and automation of evidence collection.

Responsibilities

GRC Enablement
Map operating controls to automated evidence (access reviews, backup verification, change control, patch SLOs).
Support third-party assessments, penetration-test scoping, and regression validation; contribute to SOC 2/ISO 27001 readiness.
Identity & Access Management
Design and maintain least-privilege models, just-in-time/step-up patterns, break-glass controls, and periodic access reviews.
Publish clear access standards and reporting that improve visibility for engineering leadership and auditors.
Detections & Monitoring
Define, implement, and tune a ruleset for high-value scenarios (e.g., authentication anomalies, risky configuration changes, suspected key/role misuse, public exposure).
Reduce false positives with context and suppression; maintain coverage and efficacy dashboards.
Incident Response
Author and own playbooks for top scenarios (credential theft, exposed secrets, suspicious data access, privilege escalation).
Run tabletops with IT and Infrastructure; lead post-incident reviews and drive corrective actions with clear owners and timelines.
Vulnerability & Configuration Management
Improve signal quality, deduplication, ownership routing, and SLAs for findings across services and environments.
Partner with Infrastructure on remediation plans, patching objectives, baseline configurations, account/landing-zone structure, and segmentation.
Documentation & Education
Maintain standards, runbooks, and quick-start guides that improve onboarding and day-to-day productivity.
Lead reviews that balance near-term risk reduction with long-term architectural goals.