Senior Information Security Engineer

Job Overview

As a Senior Information Security Engineer, you will play a crucial role in safeguarding the organization's information systems and data assets. Your responsibilities will include implementing security measures, conducting risk assessments, monitoring security incidents, and developing strategies to enhance our overall cybersecurity posture. The ideal candidate will possess strong technical expertise in information security, stay updated with industry trends, and collaborate effectively with cross-functional teams to ensure the integrity and confidentiality of our systems.

Key Responsibilities

• Cloud Security: Design, implement, and manage cloud-native security controls across AWS and Azure (IAM, security groups, VPC security, GuardDuty, Azure Security Center).
• Application Security: Embed security into the SDLC through secure code reviews, threat modeling, and integrating SAST/DAST/SCA tools.
• DevSecOps: Integrate security into CI/CD pipelines and IaC templates (Terraform, CloudFormation, ARM) for containerized environments (Docker, Kubernetes).
• Security Monitoring & Incident Response: Monitor security alerts, investigate incidents, and implement corrective actions.
• Security Tools Management: Manage firewalls, SIEM, IDS/IPS, CSPM, and vulnerability management platforms.
• Compliance & Best Practices: Ensure adherence to regulatory and industry standards (ISO 27001, NIST, CIS, GDPR).
• Security Awareness: Conduct training and promote secure engineering practices across teams.
• Continuous Improvement: Stay updated on emerging threats, cloud vulnerabilities, and evolving security best practices.
• Endpoint Security (Secondary): Provide guidance on endpoint security tools such as Sentinel One and Microsoft Defender when needed.
  
  

Required Skills & Experience

• Strong knowledge of cloud security principles (AWS & Azure).
• Hands-on experience with CSPM tools (Prisma Cloud, Wiz, Orca) and SIEM/IDS/IPS platforms.
• Familiarity with container and Kubernetes security.
• Experience with CI/CD security integrations (Snyk, GitHub Advanced Security, or equivalent).
• Strong understanding of network security, encryption, and IAM.
• Experience with application security testing tools (SAST, DAST, SCA).
• Knowledge of security frameworks and standards (ISO 27001, NIST, CIS).
• Familiarity with endpoint security tools (Sentinel One, Microsoft Defender) is a plus.
• Excellent analytical and problem-solving skills.
• Security certifications such as CISSP, CISM, CCSP, or CompTIA Security+ are a plus.
  
  

Preferred Skills

• Knowledge of DevSecOps practices and CI/CD security automation.
• Experience with container security for Docker / Kubernetes.
• Exposure to cloud security monitoring and threat intelligence solutions.
• Familiarity with incident response frameworks and forensic analysis.
  
  

Personal Attributes

• Strong ownership and security-first mindset.
• Excellent communication and documentation skills.
• Ability to work in fast-paced environments and act as a security advisor to engineering teams.
• Passion for continuous learning and staying ahead of emerging cyber threats.
  
  

What We Offer

• Opportunity to work with modern cloud-native security technologies.
• Collaborative and innovation-driven environment.
• Health insurance, flexible work policies, latest hardware.
• Strong career progression toward Security Architect / Security Engineering Lead roles.