Senior Security Engineer - Infrastructure

About The Position

Requirements

• 7+ years of experience in security engineering, with a focus on cloud-native technologies, distributed systems, and edge computing, including securing Kubernetes environments
• Strong understanding of security best practices across the SDLC, including secure coding principles, threat modeling, and vulnerability management
• Experience securing cloud platforms (AWS, Azure, GCP) and Kubernetes environments, including implementing RBAC, network policies, and container security
• Proficiency in scripting and automation (Python, Bash, Go) for security tooling and infrastructure-as-code (Terraform, Ansible)
• Experience with security monitoring, threat detection, and incident response in cloud and containerized environments
• Excellent communication and collaboration skills, with the ability to work effectively with engineering teams and advocate for security best practices
• Bachelor's degree in a relevant field or equivalent practical experience

Responsibilities

• Design, implement, and manage security controls across our cloud platforms (AWS, Azure, GCP), Kubernetes environments, and Galleon mobile data centers, ensuring secure deployment practices and platform security for microservices and APIs
• Integrate security components within our CI/CD pipelines, including automated security testing (SAST, DAST, container image scanning), vulnerability scanning, and compliance checks. Ensure that security is embedded throughout the software development lifecycle
• Define and implement security configurations for infrastructure, including Kubernetes, using IaC tools (Terraform, Ansible) to ensure consistent enforcement of security policies
• Monitor and respond to security events, develop and maintain security monitoring tools, and participate in incident response activities
• Architect and implement security solutions that protect our cloud-native, hybrid, and on-premises infrastructure, including our Galleon data centers. Conduct security architecture reviews, threat modeling, and risk assessments to identify and mitigate vulnerabilities
• Partner with engineering teams to integrate security tooling into the SDLC, enabling DevSecOps adoption and fostering a culture of shared security responsibility
• Ensure compliance with relevant security standards and regulations (e.g., SOC 2, ISO 27001) through regular audits and implementing necessary controls. Stay up-to-date with cybersecurity threats, trends, and industry standards
• Implement robust perimeter security for Galleon data centers, including physical access controls, intrusion detection systems, and video surveillance
• Design and implement network segmentation within data centers to isolate critical systems and limit the impact of security breaches
• Utilize micro-segmentation techniques to enforce security policies at the workload level, controlling communication between individual applications and services
• Implement data loss prevention (DLP) solutions to prevent sensitive data from leaving the data center environment
• Securely manage and store cryptographic keys used for encryption and authentication within the data center
• Implement robust logging and monitoring systems to track security-related events and detect anomalies
• Regularly conduct vulnerability assessments and penetration testing to identify and remediate security weaknesses
• Develop and maintain incident response plans specific to data center security incident

Benefits

• Competitive base salary and equity
• Medical, dental, and vision (subsidized cost)
• Health savings accounts (HSA), flexible spending accounts (FSA), and dependent care FSAs (DCFSA)
• Retirement plan options, including 401(k) and Roth 401(k)
• Unlimited paid time off (PTO)
• 14 paid company holidays per year