Senior Security Engineer

Senior Security Engineer – Remote (US) – Competitive Salary Opportunity to work with an Ambitious, Rapidly-Growing Company!

This young, but already well-established organisation are currently looking for a Senior Security Engineer to join their team and help drive the business forwards.

This could be an excellent opportunity for an experienced Security Engineer with founding/small start-up experience to take that next step into an exciting position with a very well-run and ambitious organisation in an innovative, exciting space.

This young and agile company are building cutting-edge platforms to help American users! They are in a unique space where there is an opportunity for them to gain significant market share very quickly.

About the Company:

This very young company have taken big strides in their space already!

With their ambitious product vision, you will tackle interesting technical challenges that push the boundaries of what’s possible.

There is the opportunity to work within a complex codebase, own entire product points, and build new features end-to-end.

Everything they do is entrenched in achieving engineering excellence.

They are a meritocratic, mission-driven organization focused on technical excellence, practical innovation, and meaningful impact with the aim of solving real problems through cutting-edge AI technology.

Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation.

About the Senior Security Engineer Vacancy:

Seeking an experienced Senior Security Engineer to join the team as a trusted advisor and direct contributor focused on security design and review across their SaaS platform and company infrastructure.

This role combines hands-on security engineering with strategic security process design and proactive recommendations to support our compliance and risk

management objectives.

Responsibilities

Security Engineering & Operations

• Vulnerability Management: Conduct regular vulnerability assessments, penetration testing, and security audits to identify and remediate security gaps across our cloud infrastructure and applications

• Security Monitoring: Monitor systems for security threats, suspicious behavior, and anomalies using SIEM tools and security monitoring and vulnerability platforms like CrowdStrike and Nessus

• Incident Response: Lead security incident response efforts, investigate suspicious reports, and implement preventative measures that may be warranted

• Code Security Reviews: Review and approve code (Node, React, Python) that accesses to data, authentication, or integrations, ensuring secure development practices are followed

• Cross-functional Collaboration: Work closely with engineering and operations teams, including executive stakeholders and occasionally third-party service providers, to integrate security best practices into development and deployment processes

Infrastructure & Cloud Security:

• Architecture Review: Evaluate and provide security recommendations for system architecture changes (e.g. network segmentation, microservices, virtual environments, data warehousing, etc) and new feature implementations, including the evaluation of AI enablement opportunities

• Cloud Security: Secure cloud deployments (AWS/Heroku/Netlify), including configuration of firewalls, IAM policies, VPCs, databases/data warehouses (PostgreSQL, Snowflake), API security, container security, and network monitoring

• Access Controls: Manage and maintain access controls across server environments, implementing principle of least privilege

• Data Classification: Advise and audit the proper handling of data in accordance with privacy and security requirements and data classification policies

• Integration Security: Review and assess security implications of all third-party integrations and vendor relationships

• Dependency Management: Stay current on vulnerabilities and versions of all system dependencies, coordinating updates as needed

Compliance & Risk Management:

• Security Strategy: Provide recommendations and technical input for security strategy and policy development, including the implications of emerging technologies like artificial intelligence

• SOC 2 Support: Provide technical attestation and evidence for SOC 2 Type II audits and other security compliance frameworks

• Policy Implementation: Implement and maintain security policies across the organization, including endpoint security for laptops and mobile devices

• Risk Assessment: Evaluate third-party providers and vendors for security risks and compliance requirements

• Security Awareness: Educate team members on security best practices and emerging threats, both within engineering and across the organization

Ideal Requirements for the Senior Security Engineer Vacancy:

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related technical field

• 5+ years of hands-on experience in security engineering or related roles

• Expertise in secure software development, architecture design, threat modeling, CI/CD pipelines, and risk assessment

• Deep knowledge of network, system, database, and application layer attack patterns and mitigation methods

• Ability to clearly communicate complex concepts appropriately to multiple audience types

• Coding skills necessary to discover and patch issues Node, TypeScript/React, Python

• Solid understanding and experience with AWS, Heroku, Netlify, and Snowflake, including policy, configurations, and security management tooling

• Proven track record with SOC 2, PCI DSS, or similar compliance frameworks and reporting

• Experience working in startup or high-growth environments, fintech, and/or highly regulated industries preferred

• Cloud security certifications with evidence of continued education in the area of security are a plus

Title and salary varies based on skills assessment and relevant experience.

Apply to the Role:

Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to richard@weareorbis.com