Senior Security Platform Engineer

About The Position

Requirements

• Platform Engineering Approach: Proven experience in a software or security engineering role with a heavy focus on data modeling, systems integration, and building scalable internal tools.
• Security Domain Expertise: Strong understanding of Web Application Firewalls (WAF), vulnerability management, and cloud networking fundamentals.
• Expert Data Manipulation: Strong programming skills in Python and/or SQL/PySpark. You should be comfortable joining disparate, "messy" datasets to build a single source of truth.
• Data Platform Proficiency: Deep experience working with Databricks or similar Delta Lake environments for large-scale data processing and analysis.
• Strategic Problem-Solving: A strong interest in developing the heuristics and logic required to answer complex security questions (e.g., "Which vulnerable apps are missing a WAF?").
• Excellent Communication: Ability to communicate complex platform architectures and risk-based insights in a clear, non-technical manner.

Nice To Haves

• Forward-Looking: Familiarity with the concepts of Agentic AI or RAG (Retrieval-Augmented Generation) is a major plus, as you will be building the data foundation for these tools.

Responsibilities

• Bridge the Visibility Gap: Act as the platform "detective" to identify when security data is incomplete. You will find and add secondary data sources like DNS, WAF Logs, or internal CMDBs. This ensures we have a complete and clear picture of our Web infrastructure risk.
• Automation and DevSecOps: Write production-grade services to automate complex security workflows, turning manual interventions into reliable, software-based processes.
• Build automated logic and workflows to instantly identify vulnerable internet-facing services during emerging threats.
• Enable Risk-Based Onboarding: Architect the platform logic to prioritize WAF deployments and rule adjustments based on real-time data from vulnerability management tools and service criticality.
• Build and maintain "Gold" layer data tables optimized for AI Agents and LLMs. Ensure these tables have clean, relational context for high-value security insights.
• Partner with Data & Security Teams: Work closely with data engineers to improve ingestion pipelines. Collaborate with security researchers to turn high-level threats into detection requirements for the platform.
• Full-Stack Ownership: Lead projects from initial data discovery and requirements gathering to the implementation of production-grade SQL/Spark logic and ongoing system maintenance.