Senior Security Engineer

📋 Description

• Create, develop, and sustain automation frameworks and scripts (Python, Bash, Terraform) to enhance security processes and workflows.

• Deploy and oversee secure, scalable infrastructure on AWS utilizing Terraform through Scalr and Harness, with additional support in GCP and Azure.

• Construct, maintain, and optimize AWS Step Functions, Lambda, and EventBridge workflows from a centralized tooling account that serves multiple spoke accounts within the AWS Organization.

• Manage Kubernetes clusters with Helm charts, including internal security automations on pods that work in conjunction with CSPM tools and Jira ticketing workflows.

• Establish and enforce cloud security guardrails utilizing OPA, Guardrails, Service Control Policies (SCPs), IaC security gates, and tagging policies.

• Design, build, and maintain Splunk Enterprise Security (ES) integrations, which encompass onboarding log sources, managing indexes, tuning correlation searches, and configuring automated response actions.

• Develop and implement Splunk SOAR playbooks to automate security tasks, minimizing Mean Time to Respond (MTTR), and enhancing SOC capabilities.

• Act as the subject matter expert for Okta Identity Engine (OIE) — building and managing scalable SSO policies, modern authentication (SAML/OIDC), and identity lifecycle processes.

• Utilize AWS security services (GuardDuty, Macie, IAM, Control Tower, KMS, CloudTrail, EventBridge) to create event-driven automations for threat detection and response.

• Manage the internal Jira process for CSPM findings and the associated data pipeline that supports AWS QuickSight dashboards.

• Collaborate with cross-functional teams (Dev, Platform, Security, and SOC) to embed security automation into CI/CD pipelines and promote a security-first approach.

• Perform risk assessments, uphold security best practices, and consistently enhance our defensive posture through automation and tooling.

• Monitor, troubleshoot, and optimize cloud infrastructure and security systems to maintain high availability, performance, and compliance.

• Remain updated with AWS best practices, security trends, and emerging technologies to facilitate continuous improvement.

⛳️ Requirements

• Over 10 years of experience.

• Extensive hands-on experience with:

• Terraform, Kubernetes (EKS + Helm), Docker, and scripting in Python & Bash

• AWS services including Step Functions, Lambda, EventBridge, GuardDuty, Macie, IAM, Organizations, and QuickSight

• Policy-as-code tools (OPA, Guardrails, SCPs) and IaC security scanning

• Administration of Splunk Enterprise Security (ES), log onboarding, tuning of correlation searches, and automated responses

• Development and automation of Splunk SOAR playbooks

• Okta Identity Engine (OIE), SSO, SAML, and OIDC protocols

• Demonstrated ability to work independently with minimal supervision while effectively collaborating with cross-functional teams and providing technical guidance.

• Experience in designing automation solutions that lower MTTD and MTTR.

• Strong grasp of cloud security principles, compliance frameworks, and secure infrastructure design.

🏝️ Benefits

• Employees (and their families) who meet eligibility criteria as outlined in applicable plan documents can participate in our medical, dental, vision, and basic life insurance programs and may enroll in our company’s 401(k) plan.

• Employees will be entitled to Time Off and Paid Sick Leave in accordance with the company’s policies.

• Employees will benefit from paid holidays throughout the calendar year.

• The selected candidate may be granted Restricted Stock Units and receive annual bonuses based on eligibility and performance criteria specified in the respective plan documents and policies.