Security Engineer

As a Security Engineer, you will own endtoend security across multiple enterprise and midmarket cloud projects. Your initial mission is to embed automated controls and best practices into every AWS and Azurebased delivery, shifting the organisation from reactive fixes to a proactive security posture. Reporting directly to the Director of Engineering, Cloud, you will partner daily with Technology, Cloud, Engineering and AccountManagement teams and act as a clientfacing security authority able to brief both technical staff and Clevel executives.

Your Responsibilities

• Design, implement and enforce comprehensive Secure SDLC processes, integrating automated security controls, threat modeling, secure coding standards, and continuous security testing throughout the entire development lifecycle.
• Develop, document and enforce security policies in our Confluencebased knowledge base and project DMS.
• Harden multiaccount AWS and Azure estates (EC2, S3, IAM, VPC, CloudTrail, CloudFront; Virtual Machines, Storage Accounts, Key Vault, NSG, Policy, Monitor).
• Deploy and tune SIEMlogmanagement platforms (Splunk, ELK, Microsoft Sentinel); craft queries and dashboards that surface actionable threats.
• Run scheduled and continuous vulnerability scans (Qualys, Rapid7, Defender), interpret results and drive remediation with Engineering.
• Configure and manage security edge controls—firewalls, WAFs (Akamai, AWSAzure WAF) and IDSIPS—tailored to each client’s risk profile.
• Integrate SCA (Trivy, Grype, Snyk) and DAST (OWASP ZAP) tooling into build pipelines; champion securebydesign coding practices.
• Lead security architecture reviews and threatmodel sessions with crossfunctional, multicountry delivery teams.
• Present findings, roadmaps and risk mitigation strategies directly to enterprise clients, translating technical issues into clear business impact.
• Continuously evaluate emerging threats, ZeroTrust patterns and supplychain risks; recommend tooling and process improvements that keep us ahead of thirdparty scans.

• Requirements

  • 7 + years of handson security engineering in cloudnative, agile environments.
  • Expert knowledge of core AWS and Azure services and how to secure them at scale.
  • Proven SIEM experience—log ingestion, correlation rule creation and dashboarding.
  • Deep understanding of vulnerability management tools and remediation cycles.
  • Practical experience with WAFIDSIPS configuration, network protocols (TCPIP, DNS, HTTP) and ZeroTrustIAM best practices (AD, Azure AD, Okta).
  • Comfort operating as a solo security function: you set the standards, choose the tools (budget approved) and drive adoption companywide.
  • Consultative mindset with excellent written and verbal English; able to brief boardlevel stakeholders and guide client teams through complex security topics.

  • Will be a plus

    • Container and Kubernetes hardening, DevSecOps pipeline design, CNAPP familiarity, compliance frameworks (SOC 2, ISO 27001, PCI DSS) and industry certifications (CISSP, AWS Security Specialty, Azure Security Engineer Associate, CKS).

    • Benefits

      • Experience working with US clients
      • Competitive compensation depending on experience and skills
      • Unlimited, paid time off and vacation
      • Budget for certifications and IT conferences
      • Friendly team to work with around the world
      • Be a team player in an agile software development environment focused on collaboration and continuous integration
      • Comprehensive health insurance and retirement benefits:
      • • United States: Health Insurance and 401(k) plan.
        • Canada: Health Insurance and EmployerSponsored Retirement Plan.