Security Engineer Jobs

About The Position

Requirements

• 6+ years of experience in security engineering, with a strong focus on platform, infrastructure, or application security
• Hands-on experience with vulnerability management tooling and real-time security monitoring platforms (e.g. Qualys, Tenable, Wiz, Lacework, Prisma Cloud, or similar)
• Strong understanding of software and infrastructure security, including container security, supply chain risk, secrets management, and secure configuration
• Experience securing container orchestration platforms such as Kubernetes and OpenStack, and cloud environments including AWS and/or Azure
• Proficiency in Linux and familiarity with how platform engineering teams build and operate infrastructure
• Experience integrating security tooling into CI/CD pipelines and IaC workflows, with scripting ability in Python, Bash, Go, or similar
• Good knowledge of vulnerability scoring frameworks (CVSS), exploit maturity, and risk-based prioritization
• A strong interest in the security domain and a collaborative approach to working with engineering teams to solve complex technical problems

Nice To Haves

• Experience with runtime threat detection tools such as Falco or eBPF-based security tooling
• Familiarity with software supply chain security frameworks (e.g. SLSA, SBOM generation, Sigstore)
• Background working within or alongside a SOC or threat intelligence function
• Relevant certifications such as OSCP, GIAC (GPEN/GWAPT/GCSA), AWS Security Specialty, or equivalent

Responsibilities

• Own the design and operation of NMC²’s vulnerability management program across the platform engineering stack, including infrastructure, containers, and cloud services
• Implement and tune real-time security monitoring and threat detection tooling, ensuring high-fidelity signal across our HPC and cloud environments
• Partner with Platform Engineering and DevOps teams to integrate security scanning and vulnerability assessment into CI/CD pipelines and Infrastructure-as-Code workflows
• Lead vulnerability triage and prioritization, working with engineering teams to drive timely and effective remediation of identified risks
• Conduct platform-level security assessments, contributing to threat modelling and attack surface analysis across our infrastructure and software supply chain
• Develop automation to continuously assess the security posture of our platforms, reducing manual effort and improving detection coverage
• Contribute to the continuous improvement of platform security practices, tooling, and processes, helping foster a security-first culture across engineering

Benefits

• Company-Paid Lunch Stipend: Lunch is provided via GrubHub
• 100% Employer-Paid Medical in our High Deductible Health Plan
• Dental and Vision benefits for employees and their families
• 16 weeks of Paid Parental Leave
• Employee Assistance Program
• Life insurance
• Short-Term Disability and Long-Term Disability
• Company will match 100% of your contributions up to 6% (401k)
• Medical insurance in our PPO plan
• Health Savings Accounts (with Company Contribution!)
• Flexible Spending Accounts
• Supplemental Life Insurance
• Wellhub
• 25 days of Paid Time Off
• 12 company holidays