Security Engineer (Security Operations, Zero Trust)

What you will do

Security Operations & Incident Response (Primary)
• Review, design, and implementation of new Security Tools - support administration across tools such as SIEM, EDR, CNAAP, Email Security, and others.
• Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team.
• Assist in development of new threat detections, playbooks, and automated response/remediation
• Support triage and response of security alerts, as an escalation point from the broader team.
• Participate in supporting security on-call rotation


Zero Trust & Network Security (Secondary)
• Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principles
• Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne, Crowdstrike, as well as secure hardening standards into MDM
• Support design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as; Google IDP, Okta, Auth0, Zitadel
• Mature Zero Trust alerts and controls across risk-based alerting, posture checks
• Incorporation of Zero Trust principles into new programs and architecture designs


Application Security (Support)
• Support application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools.
• Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training.
• Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture.
• Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings.


Cloud & Infrastructure Security (Support)
• Partner with Engineering, DevOps, to secure GCP, AWS environments
• Leverage Cloud Security tools such as CNAAP, to remediate discovered misconfigurations, vulnerabilities, and triage of Cloud Security alerts.
• Support development and implement secure infrastructure baselines, vulnerability management processes, secrets managements, IAM, and hardening standards within the cloud environment.
• Incorporation of shift-left security tests and controls, into CI/CD pipelines
• Help expand monitoring capabilities within tools such as SIEM, CNAAP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats.

What You Need to be Successful

• 3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environment
• Deep experience building or contributing to a Security Operations program, leveraging/administering SIEM, EDR, CNAAP, Email Security, and SOAR tools.
• Hands-on experience building and tuning threat detections, partnering with Security Analysts to improve/automate runbooks and response actions.
• Demonstrated experience implementing tools and controls to support Zero Trust, with tools such as Cloudflare, IAM architecture and protocols, risk and posture based alerting, and workforce/customer identity solutions.
• Proficiency in at least one scripting language (e.g., Python, Bash) to automate security tasks and processes, ability to implement and support detection-as-code and infrastructure-as-code where applicable.
• Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams.
• Ability to drive new projects, self-starter, with minimal supervision
• A proactive, "builder" mindset with a passion for improving processes, reducing risk.


Nice to have
• Familiarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform).
• Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSF
• Familiarity with common application development languages such as Java or JavaScript
• Understanding of system and architecture design principles, from code to cloud
• Relevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA).