Senior Cybersecurity Engineer

About The Position

Requirements

• 7+ years of experience in cybersecurity engineering or a related field
• Experience securing cloud environments such as AWS, Azure, or GCP
• Hands-on experience with security and observability tools such as SIEM, EDR/XDR, CSPM, and centralized logging/monitoring platforms
• Strong understanding of network, application, and API security
• Experience with identity and access management (IAM) and role-based access controls
• Experience administering identity platforms, including SSO, conditional access, and identity governance
• Experience managing DNS records and configurations in support of security operations
• Experience implementing security controls in code repository platforms and cloud-native services (e.g., GitHub, AWS)
• Experience working in regulated environments such as financial services or insurance
• Self-motivated learner who proactively researches emerging technologies, security trends, and evolving threats without waiting for direction

Nice To Haves

• Experience supporting insurance or annuity platforms
• Familiarity with regulatory frameworks such as SOC 2 or NAIC guidelines
• Certifications such as CISSP, CISM, or cloud security certifications
• Experience integrating security into CI/CD pipelines (DevSecOps)
• Experience in security operations (SecOps), including triage, incident handling, and operational monitoring
• Demonstrated initiative in independently building knowledge in areas such as AI, automation, or other rapidly evolving technology domains
• Strong communication skills and ability to work across technical and business teams

Responsibilities

• Design and implement security controls across cloud infrastructure, applications, and data platforms
• Review and secure system architectures, APIs, and integrations
• Ensure secure configurations across environments supporting customer, policy, and financial systems
• Manage and tune cloud security posture management (CSPM) tooling to identify and remediate misconfigurations
• Implement and manage security controls across code repositories and CI/CD platforms, including branch protection, secret scanning, and access policies
• Implement and manage security controls within cloud service provider environments, including IAM policies, network security groups, and service configurations
• Monitor systems for security events using centralized logging and observability platforms
• Lead investigations, root cause analysis, and remediation efforts
• Improve detection capabilities through log aggregation, alerting, dashboards, and automation
• Implement and manage identity and access controls aligned with least privilege principles
• Safeguard sensitive customer and financial data through encryption and secure data practices
• Manage vulnerability scanning and remediation processes
• Administer and optimize the identity platform, including SSO, conditional access policies, and identity governance
• Manage DNS records and configurations to support security and operational integrity
• Partner with compliance and legal teams to support regulatory requirements and audits
• Help maintain security controls aligned with industry standards
• Contribute to risk assessments and ongoing control improvements
• Work closely with engineering, data, and operations teams to embed security into workflows
• Provide practical guidance on secure development and system design
• Help promote a strong security culture across the organization
• Continuously research and evaluate emerging security tools, technologies, and best practices to strengthen the organization’s security posture

Benefits

• Competitive compensation package
• PTO
• health benefits
• career growth opportunities