Sr. Security Engineer II

About The Position

Requirements

• 10+ years of experience.
• Strong hands-on experience with: Terraform, Kubernetes (EKS + Helm), Docker, and scripting in Python & Bash
• AWS services including Step Functions, Lambda, EventBridge, GuardDuty, Macie, IAM, Organizations, and QuickSight
• Policy-as-code tools (OPA, Guardrails, SCPs) and IaC security scanning
• Splunk Enterprise Security (ES) administration, log onboarding, correlation search tuning, and automated responses
• Splunk SOAR playbook development and automation
• Okta Identity Engine (OIE), SSO, SAML, and OIDC protocols
• Proven ability to work independently with minimal supervision while collaborating effectively with cross-functional teams and providing technical guidance.
• Experience designing automation solutions that reduce MTTD and MTTR.
• Solid understanding of cloud security principles, compliance frameworks, and secure infrastructure design.

Nice To Haves

• Experience with Scalr, Harness, or similar IaC deployment platforms.
• Familiarity with GCP and/or Azure cloud environments.
• Prior experience integrating security tools with Jira and building data pipelines for visualization (QuickSight or similar).
• Security certifications (AWS Security Specialty, CKS, Splunk-related certifications, or Okta certifications) are a plus.

Responsibilities

• Design, develop, and maintain automation frameworks and scripts (Python, Bash, Terraform) to streamline security processes and workflows.
• Deploy and manage secure, scalable infrastructure on AWS using Terraform via Scalr and Harness, with additional presence in GCP and Azure.
• Build, support, and optimize AWS Step Functions, Lambda, and EventBridge workflows from a centralized tooling account that operates across multiple spoke accounts in the AWS Organization.
• Maintain Kubernetes clusters using Helm charts, including in-house security automations on pods that integrate with CSPM tools and Jira ticketing processes.
• Develop and enforce cloud security guardrails using OPA, Guardrails, Service Control Policies (SCPs), IaC security gates, and tag policies.
• Architect, build, and maintain Splunk Enterprise Security (ES) integrations, including onboarding log sources, managing indexes, tuning correlation searches, and configuring automated response actions.
• Design and implement Splunk SOAR playbooks to automate security tasks, reduce Mean Time to Respond (MTTR), and scale SOC capabilities.
• Serve as the subject matter expert for Okta Identity Engine (OIE) — building and managing scalable SSO policies, modern authentication (SAML/OIDC), and identity lifecycle processes.
• Leverage AWS security services (GuardDuty, Macie, IAM, Control Tower, KMS, CloudTrail, EventBridge) to build event-driven automations for threat detection and response.
• Own the in-house Jira management process for CSPM findings and the supporting data pipeline that feeds AWS QuickSight dashboards.
• Collaborate with cross-functional teams (Dev, Platform, Security, and SOC) to integrate security automation into CI/CD pipelines and shift security left.
• Conduct risk assessments, enforce security best practices, and continuously improve our defensive posture through automation and tooling.
• Monitor, troubleshoot, and optimize cloud infrastructure and security systems to ensure high availability, performance, and compliance.
• Stay current with AWS best practices, security trends, and emerging technologies to drive continuous improvement.

Benefits

• medical, dental, vision, and basic life insurance programs
• company’s 401(k) plan
• Time Off and Paid Sick Leave
• paid holidays
• Restric Stock Units
• annual bonuses