Senior Security Engineer - Application & Cloud Security

About The Position

Requirements

• 5+ years of experience in Application Security, DevSecOps, Cloud Security, Software Engineering, or related technical disciplines.
• Previous hands-on experience as a software developer, DevOps engineer, platform engineer, infrastructure engineer, or similar engineering role.
• Experience securing modern CI/CD environments and integrating security into engineering workflows.
• Strong experience with Infrastructure as Code (IaC), including Terraform, CloudFormation, Kubernetes, Helm, or similar technologies.
• Experience with public cloud platforms such as AWS, Azure, or GCP.
• Hands-on experience with security tooling such as: SAST, DAST, SCA, etc
• Understanding of OWASP Top 10, API security risks, cloud-native security threats, identity security, and modern attack techniques.
• Experience investigating and remediating vulnerabilities involving applications, APIs, authentication systems, cloud infrastructure, or software supply chain risks.
• Strong understanding of how to leverage AI tools and AI-assisted engineering workflows securely and effectively within day-to-day operations.
• Experience using modern AI-assisted development and security platforms such as GitHub Copilot, Claude, ChatGPT, or similar tools to improve engineering productivity, threat analysis, code review, vulnerability research, automation, and operational efficiency.
• Ability to evaluate, validate, and securely operationalize AI-generated output within enterprise engineering and cybersecurity environments.
• Understand the security implications, risks, and governance considerations associated with AI-assisted software development and modern AI workflows.
• Demonstrates a mindset of continuous learning and adaptation as AI rapidly transforms modern software engineering, DevOps, and cybersecurity operations.

Responsibilities

• Work directly with software engineers, DevOps engineers, architects, and leadership to identify, prioritize, and remediate security vulnerabilities across applications and cloud environments.
• Perform hands-on application security reviews, source code analysis, threat modeling, and architecture reviews for modern applications and APIs.
• Build, integrate, automate, and operationalize security controls within modern CI/CD pipelines.
• Secure Infrastructure as Code (IaC) environments using Terraform, CloudFormation, Kubernetes, and related technologies.
• Develop and maintain automated security tooling and workflows across SAST, DAST, SCA, secrets scanning, container security, and cloud security platforms.
• Support incident response, threat hunting, forensic investigations, and remediation activities related to application and cloud environments.
• Identify and remediate security weaknesses involving APIs, authentication systems, secrets management, cloud infrastructure, containers, and microservices.
• Work closely with engineering teams to establish secure-by-default engineering practices and security guardrails.
• Assist with implementing and tuning WAF, API security, identity platforms, cloud security tooling, runtime protection, and logging/monitoring capabilities.
• Help operationalize modern security practices around: SSDLC, Software supply chain security, Cloud-native security, Threat detection and response
• Participate in security investigations involving fraud, insider threats, suspicious application activity, and cloud incidents.
• Provide technical leadership and mentorship across engineering and security teams.

Benefits

• Competitive compensation
• Full health benefits-Medical/Dental/Vision
• 401(k) match, (5%/4%)
• DTO (discretionary time off)
• Health savings account (HSA) with company contribution
• College tuition reimbursement program (STEM degrees)
• Unlimited use of LinkedIn Learning
• On-site gym and showers
• Free car charging and covered parking