Security Engineer, Product Infrastructure

About The Position

Requirements

• Hands-on experience in security engineering
• Hands-on experience with at least one security tool used in modern cloud or product environments (Wiz, Orca. SonarCloud, Upwind, or similar)
• Scripting experience in Python or Go (or similar) to automate repetitive tasks, integrate tools, or build small utilities that make the team more efficient.
• Infrastructure-as-Code (Terraform) and Kubernetes - you don’t need to be an expert yet, but you should be comfortable reviewing IaC and/or K8 manifest.
• Prior participation in an on-call rotation for production systems or security incidents, even in a shadowing or secondary role.
• Experience working with tickets, incidents, or production issues, and following a structured process to investigate, document, and resolve or escalate them appropriately.
• Strong communication skills, with the ability to explain what you’re seeing and what you recommend as a next step to both technical and non-technical audiences.
• A learning mindset and growth orientation: you’re comfortable asking questions, seeking feedback, and taking ownership.

Nice To Haves

• Hands on experience with AI tools/systems as they pertain to security engineering

Responsibilities

• Respond to security tickets and alerts: investigate issues, gather context from logs and dashboards, and collaborate with Security Engineering and product/platform teams on next steps.
• Partner with product, platform, and infrastructure teams to understand security findings, explain risk in clear terms, and support them in implementing secure configurations across AWS/GCP, Kubernetes clusters, and shared services.
• Utilize core security tools to protect critical product cloud infrastructure (for example Wiz, CrowdStrike, SonarCloud, Okta, and related platforms)
• Participate in an on-call rotation (with onboarding and shadowing) for security incidents and critical security tooling issues, providing structured triage, documentation, and communication until resolution or hand-off.
• Contribute to security reviews for new services and major infrastructure changes, helping identify misconfigurations and recommending practical mitigations that fit team workflows.
• Learn to read and make small, well-reviewed changes to Infrastructure-as-Code (Terraform) and Kubernetes configurations to help embed guardrails, hardening standards, and security checks into our infrastructure and CI/CD pipelines.
• Collaborate with partners across Security, IT, Platform Engineering, Legal, Risk, and Investigations, building strong working relationships and practicing clear, empathetic communication.