Senior Security Engineer

Senior Security Engineer

Overview

We are seeking a Senior Security Engineer to take ownership of the security posture across a complex, high-scale platform environment. This role sits at the intersection of platform engineering, infrastructure, and application security—embedding security directly into the development lifecycle rather than treating it as an afterthought.

You will partner closely with engineering, data, and product teams to design and enforce secure-by-default systems, ensuring sensitive data is protected while enabling rapid delivery. This is a highly technical, hands-on role focused on modern cloud-native architectures, Kubernetes security, and emerging AI/LLM security considerations.

What You’ll Do

• Own and operate the platform’s security posture end-to-end across core controls including Vault, service mesh security (mTLS), network policies, and policy-as-code frameworks
• Design and implement zero-trust security architecture across services, infrastructure, and data layers
• Conduct threat modeling (STRIDE) for new services and features, documenting risks and mitigation strategies
• Implement and manage supply chain security practices including container scanning, image signing, SBOM generation, and dependency management
• Define and enforce identity and access controls (SAML, OIDC, OAuth, JWT) and integrate with enterprise identity providers
• Establish and enforce data security controls including classification, masking, tokenization, and API-level protections
• Own runtime detection and response, including alerting, SIEM integration, and signal optimization
• Lead security incident response, including containment, remediation, and post-incident analysis
• Design and enforce security controls for AI/LLM systems, including egress controls, prompt injection mitigation, and data protection
• Maintain security runbooks and lead regular internal security reviews

What You Bring

• 6+ years of experience in security engineering, platform security, or DevOps/SRE with a strong security focus
• Hands-on experience securing Kubernetes-based production environments (workload isolation, network policies, admission controls)
• Experience with secrets management and identity systems (Vault, PKI, SAML/OIDC, enterprise IdPs)
• Strong background in supply chain security and integrating security controls into CI/CD pipelines
• Experience contributing to or leading security incident response and remediation efforts
• Ability to work cross-functionally and influence engineering teams without blocking delivery

Technical Expertise

• Zero-trust architecture, defense-in-depth, and least privilege design
• Kubernetes security, policy-as-code (OPA/Gatekeeper, Kyverno), and network policy frameworks
• Service mesh security (Istio, mTLS, authorization policies)
• Supply chain tooling (Trivy, Cosign/Sigstore, Syft, Dependabot/Renovate)
• Identity and access protocols (SAML 2.0, OIDC, OAuth 2.0, JWT)
• Data security practices including PII protection, tokenization, and classification frameworks
• Runtime security and monitoring (Falco, SIEM integration)
• Scripting and automation (Python, Bash)
• Familiarity with compliance frameworks such as SOC 2, ISO 27001, and GDPR

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

AI / LLM Security

• Experience designing security controls for AI systems, including prompt injection mitigation and data exfiltration prevention
• Understanding of risks in agent-based systems and LLM-integrated workflows
• Experience leveraging AI tools for threat modeling, policy generation, and vulnerability analysis

Key Traits for Success

• Security-first mindset with a focus on enabling, not blocking, delivery
• Strong systems thinking across infrastructure, applications, and data
• Pragmatic approach to risk management and control implementation
• Ability to communicate complex security risks in clear, business-impact terms

Why This Role

• High-impact role securing a large-scale, data-intensive platform
• Opportunity to work at the forefront of cloud-native and AI security
• Fully remote flexibility within the U.S.
• Collaborative environment with strong engineering and product partnership