Senior security Engineer
AI Summary
Senior Security Engineer responsible for maintaining and enhancing security posture, incident response, IAM management, and embedding shift-left security in the SDLC.
About this role
As a Senior Security Engineer, you will play a crucial role in maintaining and enhancing our organization's security posture. You will be responsible for implementing and managing security systems, conducting incident response and analysis, reviewing identity & access management entitlements, and proactively identifying and mitigating potential security threats. This role requires a deep understanding of security technologies, excellent problem-solving skills, and team collaboration.
Essential Functions
Manage security tools and systems (SIEM, IDS/IPS, endpoint protection, vulnerability management).
Monitor, analyze, and triage security events, alerts, and logs to identify threats and vulnerabilities.
Perform incident response activities, including containment, eradication, recovery, and documentation.
Investigate and analyze security incidents, determine root cause, and recommend remediation.
Execute incident response playbooks and SOPs.
Triage and manage bug bounty submissions, code scanning results, and vulnerability findings, ensuring remediation and validation.
Collaborate with engineering and product teams to embed “shift left” security practices in the software development lifecycle.
Experience with DevSecOps, DevOps, CICD pipelines, and secure code development.
Assist with internal and external vulnerability scanning, segmentation testing, and penetration testing programs.
Create and maintain security metrics and reporting dashboards for leadership visibility.
Stay current with evolving security threats, vulnerabilities, and industry best practices; recommend enhancements to improve the company’s security posture.
Administer and monitor Identity & Access Management (IAM) systems, enforcing least privilege, segregation of duties, and periodic access reviews.
Develop and maintain policies, procedures, and controls for privileged account management to reduce insider and external risk.
Experience
Experience in a senior security role with a proven track record of leadership and mentorship.
Strong knowledge of security principles, technologies, and best practices, including network security, encryption, authentication, access control, and vulnerability management.
In-depth experience with security tools such as SIEM, IDS, and vulnerability scanners.
Deep understanding of cloud security concepts and technologies (e.g., AWS, Azure, GCP).
Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash.
Experience with incident response and forensics, including log analysis, malware analysis, and threat hunting.
In-depth understanding of industry standards and frameworks such as ISO 27001, NIST, PCI DSS.
Excellent analytical and problem-solving skills, with the ability to guide others in the analysis of complex security incidents and provide actionable recommendations.
Strong communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.
Required Skills:
Excellent analytical skills.
Self-starter with the ability to work with minimal supervision.
Experience working on large cross-functional teams, representing security on initiatives such as change management, identity and access management, policy management, and data retention.
Strong writing skills and the ability to communicate information about complex issues to stakeholders in a clear and easy to understand way
Ability to develop creative and adaptive solutions to unique and complex inquiries
Comfortable with a rapid-pace working environment and meeting deadlines
Team-focused, positive attitude, and good sense of humor
Education & Certifications:
Required: Bachelor’s Degree; Minimum 5+ years of technology project/program management.
