Senior Security Engineer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Software Engineering, or related field required; equivalent professional experience may be considered.
• 5+ years of experience in Security Operations, Cybersecurity Engineering, DevSecOps, or related information security roles.
• Hands-on experience securing CI/CD pipelines, source code repositories, cloud environments, and modern software development platforms.
• Experience with security tools such as vulnerability management, SIEM, endpoint detection, SAST/DAST, container security, and infrastructure-as-code scanning.
• Strong knowledge of cloud platforms such as Amazon Web Services AWS, Microsoft Azure, or Google Google Cloud.
• Experience with automation or scripting using Python, PowerShell, Bash, or similar languages, with familiarity securing or governing AI tools and platforms preferred.
• Critical Thinker
• Work in a fast-paced environment
• Solve complex problems
• Strategies and scale ideas and solutions
• Trustworthy and reliable
• Self-Starter and ability to work independently
• Ability to work with technical and non-technical staff
• Strong written and verbal communication skills

Nice To Haves

• familiarity securing or governing AI tools and platforms preferred

Responsibilities

• Lead security operations initiatives focused on securing modern software development pipelines, CI/CD platforms, and cloud-native DevOps environments.
• Partner with engineering and DevOps teams to embed security controls into the Software Development Life Cycle (SDLC) using Dev/SecOps best practices.
• Design, implement, and monitor security controls for source code repositories, build systems, artifact management platforms, and deployment pipelines.
• Conduct threat modeling, risk assessments, application pen testing, and security reviews for internally developed applications, APIs, and automation platforms.
• Develop and maintain detection and response capabilities for software supply chain threats, credential misuse, pipeline compromise, and cloud workload attacks.
• Manage vulnerability management processes for applications, containers, infrastructure-as-code, open-source dependencies, and CI/CD tooling.
• Implement automated security scanning tools including SAST, DAST, SCA, IaC scanning, and container security solutions.
• Monitor security events across cloud platforms, developer tooling, SaaS environments, and production systems using SIEM/XDR technologies.
• Investigate and respond to security incidents involving applications, DevOps tooling, cloud environments, and identity platforms.
• Establish security standards for AI/ML systems including model governance, secure API usage, data protection, and responsible AI controls.
• Assess and mitigate emerging AI-related risks such as prompt injection, model abuse, data leakage, shadow AI usage, and unauthorized automation.
• Evaluate, implement, and secure enterprise AI tools to improve SecOps efficiency, threat detection, alert triage, and incident response workflows.
• Build automation scripts and workflows to streamline repetitive security operations tasks and improve response times.
• Collaborate with developers to remediate security findings quickly while balancing operational efficiency and release velocity.
• Create dashboards, metrics, and reporting for security posture across DevOps pipelines, application environments, and AI platforms.
• Stay current on evolving threats related to software supply chain security, cloud platforms, DevOps ecosystems, and artificial intelligence technologies.
• Other duties as assigned.

Benefits

• A flexible, autonomous work environment.
• Growth and travel opportunities.