Senior Security Engineer
About The Position
The Senior Security Engineer (AWS) is a senior individual contributor responsible for supporting and enhancing Pacvue’s cloud and application security practices. This role works closely with Engineering, DevOps, and IT to implement security best practices, improve system resilience, and help ensure our environments are secure and compliant. This is a hands-on role for a security practitioner who brings strong technical expertise and enjoys collaborating with cross-functional teams to strengthen security across cloud infrastructure and applications. You will contribute to ongoing security initiatives, support program execution, and help drive continuous improvement.
Requirements
- 5–8+ years of experience in security engineering, cloud security, or a related field
- 3+ years of hands-on AWS security experience in a production environment
- Experience with AWS security services such as IAM, GuardDuty, Security Hub, AWS Config, and CloudTrail
- Familiarity with application security tools (SAST, DAST, SCA)
- Experience with infrastructure-as-code tools such as Terraform or AWS CDK
- Understanding of vulnerability management practices
- Familiarity with security and compliance frameworks (SOC 2, ISO 27001, CIS Benchmarks)
- Strong communication skills and ability to work effectively with cross-functional teams
Responsibilities
- Implement and maintain AWS security configurations across development, staging, and production environments
- Apply IAM best practices, including least-privilege access and role-based access controls
- Configure and monitor AWS-native security services such as CloudTrail, GuardDuty, Security Hub, AWS Config, and Macie
- Participate in cloud security reviews for new and existing services
- Support security best practices in infrastructure-as-code (Terraform, AWS CDK) and CI/CD pipelines
- Help maintain cloud security baselines aligned to CIS Benchmarks and AWS Well-Architected Framework
- Contribute to secure Software Development Lifecycle (SDLC) practices, including shift-left security efforts
- Participate in threat modeling and security design reviews
- Operate SAST, DAST, and SCA tools integrated into CI/CD pipelines (e.g., Snyk, Checkmarx, Veracode, Semgrep)
- Partner with engineering teams to remediate vulnerabilities and improve secure coding practices
- Support development and maintenance of secure coding guidelines
- Assist in vulnerability identification, triage, and remediation tracking across infrastructure and applications
- Support internal and external penetration testing activities
- Help track and report on vulnerability metrics and remediation progress
- Support compliance efforts such as SOC 2 Type II and ISO 27001 audits
- Collaborate with team members to improve security processes and documentation
- Contribute to security runbooks and incident response procedures
Benefits
- Flexible Paid Time Off
- Paid Holidays and Floating Holidays
- Medical, Dental, Vision, FSA/HSA, Life Insurance and Pet Insurance
- 401k with Employer Match
- Take up to 2 Days of Paid Time Off to Volunteer with a 501c Organization
- Paid Parental Leave
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
