Senior Cybersecurity Engineer

CampminderBoulder, CO
Hybrid

About The Position

Camps trust Campminder to keep their data safe, and that trust is what lets them focus on running a great summer. You'll own how we protect that data end to end: architecting and hardening our security infrastructure, carrying our PCI and SOC2 programs through every audit, and setting the roadmap that keeps us ahead of real threats. You'll be the person the engineering org comes to on security and the one who defines what good looks like at Campminder.

Requirements

  • 5+ years in security engineering or DevSecOps, with hands-on ownership of both pipeline-level and infrastructure-level security
  • Experience configuring IAM and SSO platforms (Okta, Auth0) alongside cloud-native identity controls like Azure conditional access
  • Comfort embedding security directly into CI/CD workflows: SAST/DAST/SCA tooling, secrets management, and policy-as-code
  • A track record hardening containerized and cloud-native environments, including Kubernetes and image scanning
  • Experience executing PCI or similar compliance technical controls (scans, SAQs, evidence prep); program ownership isn't required, but you know how to translate auditor requirements into engineering work
  • Familiarity administering SIEM/XDR and EDR/DLP tooling
  • The judgment to triage real vulnerabilities over theoretical ones, and to know when to escalate versus fix directly
  • Experience running or supporting security awareness and training programs
  • Exposure to AI tooling governance, such as MCP inventories, code-gen release gating, or supply-chain monitoring for AI-assisted development

Responsibilities

  • Manage identity and access infrastructure, including Azure conditional access, Okta SSO, and Auth0, keeping MFA and zero-trust enforced across production and internal apps
  • Integrate security scanning (SAST, DAST, SCA) into CI/CD pipelines and drive remediation before code reaches production
  • Configure, tune, and harden WAF rules across our web applications
  • Own vulnerability scanning and remediation using tools like Mondoo and SecurityMetrics, and administer EDR, DLP, and SIEM/XDR tooling across servers and endpoints
  • Manage secrets and credentials in build pipelines, including vault-based storage, rotation, and least-privilege service accounts
  • Execute PCI technical controls: SAQ completion, quarterly ASV scans, and disaster recovery implementation
  • Harden containerized and cloud-native environments, including image scanning and Kubernetes configuration
  • Coordinate pen testing engagements and drive remediation against SLA timelines
  • Run security awareness training programs (KnowBe4, Security Journey) and maintain AI usage oversight, including approved tooling, code-gen governance, and supply-chain monitoring

Benefits

  • Robust medical, dental, and vision coverage options with generous employer contributions
  • $500 employer HSA contribution for HSA-compatible plans
  • Ability to choose where you work - remotely, in the office, or a mix!
  • A variety of resources to support mental health and emotional well-being
  • 12 weeks of 100% paid parental leave for all new parents, including via adoption, surrogacy, and foster care
  • 401(k) with 4% company matching
  • Trust-Based (flexible) PTO
  • $900/year wellness allowance
  • Company-paid subscriptions, training, and support for using AI professionally and personally
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service