Staff Security Engineer

Rightway
Miami, FL
$169,000 - $210,000
Remote

About The Position

Rightway is hiring a Staff Security Engineer, reporting to the Head of Security, to raise the security maturity of the systems, services, and AWS estate that support a better healthcare experience for our members, clients, and partners. This is a senior individual contributor role for an engineer who operates comfortably across product, platform, and cloud domains and can serve as the technical anchor for security engineering. The role is expected to provide architectural judgment, hands-on execution, and day-to-day leadership for the Application Security and Cloud Security functions while helping the team scale with consistency. This person will work closely with Engineering, Product, Cloud, and Corporate Security to shape how security controls are selected, implemented, measured, and improved across the company. It is well suited for someone who wants broad scope, visible ownership, and the opportunity to guide both technical decisions and team development in a modern healthcare environment.

Requirements

  • Roughly 8 to 12 years of experience in security engineering, including substantial hands-on depth across both application or product security and cloud security.
  • Track record of leading difficult technical work across multiple security domains and helping other engineers improve through direction, coaching, and example.
  • Strong AWS security expertise across IAM, networking, encryption, secrets protection, logging, and multi-account design, and knowledge of how to secure infrastructure-as-code and modern delivery pipelines.
  • Ability to operate as a senior technical partner to engineering and infrastructure teams on topics such as identity, service hardening, telemetry, and secure configuration.
  • Ability to read and reason about application code and system architecture, and fluency in one or more backend environments such as Ruby, Node.js, or Java.
  • Clear communication with both technical and non-technical stakeholders, and ability to explain tradeoffs, priorities, and risk to senior leadership.
  • Experience in regulated environments such as healthcare, finance, or education is required.

Nice To Haves

  • Staying current on emerging AI security guidance, including the OWASP Top 10 for LLM Applications and the OWASP GenAI Security Project, and applying that knowledge in real system design.

Responsibilities

  • Direct the daily execution of the Application Security and Cloud Security functions, balancing near-term delivery, technical quality, and team development.
  • Establish technical priorities, decision frameworks, and operating expectations for two security disciplines so work is sequenced effectively and aligned to business risk.
  • Architect and deploy defensive controls for LLM- and AI-enabled capabilities, including protections around prompt handling, retrieval paths, model-connected integrations, sensitive data exposure, and abusive use patterns.
  • Assess software, services, dependencies, infrastructure, and deployment patterns to identify material weaknesses and drive practical corrective actions with engineering partners.
  • Raise the resilience of Rightway's AWS footprint across identity boundaries, network segmentation, key management, service configuration, organizational structure, and detective guardrails.
  • Expand automation for cloud and platform assurance, including infrastructure policy enforcement, configuration review, deployment gating, and runtime visibility in Terraform and CI/CD workflows.
  • Set the approach for risk-based prioritization by combining severity, exploit likelihood, business criticality, and environmental context so the most meaningful issues are addressed first.
  • Define durable secure engineering expectations that teams can adopt during design, build, test, and release activities without adding unnecessary friction.
  • Work with Product and Engineering leaders to shape secure implementation patterns for new platform capabilities, customer-facing features, and AI-driven functionality before those designs are broadly adopted.
  • Run deep technical reviews for major initiatives, including new services, cloud patterns, external integrations, and emerging architectures that introduce novel attack surface.
  • Guide authentication, authorization, and trust-boundary decisions for business-critical workflows, including SAML 2.0, OAuth, and OIDC use cases spanning B2B and B2C contexts.
  • Unify application and cloud control strategy in areas such as secrets usage, identity design, telemetry, service-to-service trust, and deployment architecture so security decisions remain coherent across the stack.
  • Coordinate with Corporate Security where shared capabilities such as logging, alerting, access governance, or incident visibility require common design and operational support.
  • Improve the signal quality of detection, validation, and testing approaches so teams can investigate faster and act on higher-confidence findings.
  • Evaluate, pilot, and operationalize advanced security capabilities, including AI-enabled techniques that improve engineering review, analysis, and remediation outcomes.

Benefits

  • bonus
  • equity