Sr Security Software Engineer, Data Protection

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Systems, or a related technical field — or equivalent hands-on experience.
• 6+ years in security or platform engineering with proven success delivering data protection solutions at scale across both legacy and cloud environments.
• Practical experience implementing encryption or tokenization for production applications and databases, including managing performance and latency trade-offs.
• Hands-on with some the following: HashiCorp Vault, Thales, HSMs, certificate-based authentication, mTLS, Secrets management, FPE, and tokenization
• Strong database expertise in SQL Server, MySQL, or Oracle
• Expertise in at least one modern language (C# or Java)
• Scripting with PowerShell or Python
• Azure expertise, including secure use of cloud-native services and identity; familiarity with column-level encryption and key rotation.
• Security Framework Knowledge with NIST CSF, ISO 27001, and CIS Controls, applied pragmatically to engineering decisions.
• Excellent communication and influencing skills — able to partner effectively with DBAs, developers, architects, and senior leaders.
• Certifications CISSP, CISM, CCSP, or OSCP are valued but not required. We prioritize hands-on impact over badges.

Nice To Haves

• Experience building BI dashboards for program metrics (Power BI or Tableau)
• Agile/Scrum experience
• Consulting or advisory background.

Responsibilities

• Design, build, and operate cryptographic services to protect data at rest and in use across databases, file shares, and applications
• Implement encryption, tokenization, and secrets management patterns, integrating them into app and data pipelines with minimal friction
• Guide engineering teams through connection string updates, certificate-based authentication, HSM-backed key operations, and column-level encryption
• Establish reference implementations, SDKs, and runbooks that make secure-by-default the easiest path for product and data teams
• Evaluate and integrate data discovery and classification tooling to find and reduce exposure of sensitive data across diverse environments
• Lead security risk assessments for on-prem and cloud data services and translate findings into pragmatic, measurable engineering work
• Instrument and publish program metrics and dashboards that show adoption, coverage, and control effectiveness for senior leadership
• Present recommendations clearly to senior leaders and mentor engineers and DBAs on best practices
• Contribute to security as a service, offering patterns, paved roads, and consultative guidance to partner teams

Benefits

• Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Uncapped paid time off
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education & tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives