
Senior Security Infrastructure Engineer
Posted May 21

This is a fully remote position, open to applicants in Mexico.
• Oversee and manage vulnerability assessments across infrastructure, platforms, and applications, which includes conducting internal scans, analyzing dependencies, and addressing external findings by confirming true positives and facilitating remediation with engineering teams.
• Develop, operate, and enhance SIEM/XDR capabilities, encompassing log ingestion, creation of detection rules, tuning alerts, and establishing investigation workflows.
• Analyze and respond to security incidents in cloud infrastructure and applications, executing root cause analysis and implementing long-term solutions.
• Design and execute detection strategies for anomalous activities, including patterns of data exfiltration through application and database telemetry.
• Lead and participate in threat modeling sessions and security design evaluations to proactively identify risks and reinforce system architecture.
• Leverage extensive expertise in AWS and Kubernetes to architect, secure, and optimize resilient and secure cloud infrastructure at scale.
• Propel initiatives for hardening infrastructure and CI/CD processes, concentrating on minimizing risks associated with software and container supply chains.
• Spearhead efforts to establish and enhance systems and controls for detecting risks within dependencies and the container supply chain.
• Collaborate closely with engineering teams to address vulnerabilities and enhance secure development and deployment methodologies.
• Support and enforce security controls that align with PCI DSS, SOC 2, and various other compliance mandates.
• Design and implement automation (including AI when applicable) to boost efficiency in security operations, detection, and response.
• Evaluate and confirm external security findings, identifying true positives and coordinating remediation efforts.
• A minimum of 6 years of experience in security, software, or infrastructure engineering, with hands-on expertise in securing production systems in the cloud and tackling real-world security challenges.
• Proven experience in contributing to threat modeling and conducting security design reviews for contemporary systems.
• Strong practical experience in vulnerability management, which includes scanning, triage, validation, remediation coordination, and verification.
• Familiarity with SIEM platforms (e.g., Wazuh, Splunk, ELK) for detection engineering, monitoring, and incident response.
• Hands-on experience in triaging findings from vulnerability scanners and bug bounty initiatives.
• In-depth knowledge of AWS, Linux, and Kubernetes infrastructure, focusing on security architecture, hardening, and operational best practices.
• Experience in bolstering infrastructure security, including CI/CD hardening and addressing software supply chain vulnerabilities.
• Familiarity with container and dependency security tools (e.g., Snyk, Trivy, Grype, etc.).
• Capability to investigate issues directly using logs, cloud tools, and system-level data.
• Understanding of common security vulnerabilities and their mitigation strategies (OWASP, SANS, etc.).
• Basic knowledge of compliance frameworks such as PCI DSS and SOC 2.
• Opportunity for professional growth and development in a cutting-edge security environment.
• Comprehensive health and wellness benefits.
• Flexible work arrangements and a supportive company culture.
• Access to the latest tools and technologies in cybersecurity.
• Participation in ongoing training and certification programs.