The Senior Security Engineer will enhance security for Onit's SaaS applications, lead cloud security initiatives, drive incident response, and collaborate across teams to ensure strong security practices.
About Onit:
We're redefining the future of legal operations through the power of AI. Our cutting-edge platform streamlines enterprise legal management, matter management, spend management and contract lifecycle processes, transforming manual workflows into intelligent, automated solutions.
We’re a team of innovators using AI at the core to help legal departments become faster, smarter, and more strategic. As we continue to grow and expand the capabilities of our new AI-centric platform, we’re looking for bold thinkers and builders who are excited to shape the next chapter of legal tech.
If you're energized by meaningful work, love solving complex problems, and want to help modernize how legal teams operate, we’d love to meet you.
Onit, Inc. is seeking a seasoned security professional to strengthen the security of our enterprise SaaS applications and corporate infrastructure. In this role, you’ll lead cloud security initiatives, drive incident response, and collaborate across teams to ensure a robust security posture. If you’re passionate about solving complex security challenges and influencing best practices, we’d love to hear from you.
Responsibilities:
- Support the Onit security function during US Central Time business hours.
- Implement and manage cloud-native security tools and third-party solutions for threat detection and incident response.
- Define, maintain, and execute the Incident Response plan, investigating and resolving incident escalations.
- Perform regular risk assessments and vulnerability scans of cloud infrastructure, ensuring timely remediation.
- Collaborate with Dev, DevOps, and Infra teams to remediate identified vulnerabilities, discuss security best practices, and assist with security incident response.
- Analyze EDR alerts and logs to identify potential security incidents, taking appropriate action.
- Continuously evaluate and implement security tools and practices to enhance the security posture of the Onit environment.
- Assist with application security reviews and threat modeling.
- Assist with security awareness programs for employees regarding security best practices
Requirements:
- Minimum of 5 years of experience in information security, with at least 3 years focused on cloud security for enterprise SaaS applications.
- Proficient in AWS with a strong understanding of AWS networking/VPC, IAM, Security Groups, EC2, RDS, S3, and containers (EKS/ECS).
- Extensive hands-on experience investigating security incidents, along with the creation, management, and execution of security runbooks / playbooks.
- This includes the ability to search logs in CloudTrail, CloudWatch, VPC Flow logs, etc.
- Experience with tooling for network (e.g. Wireshark) and host forensics
- Knowledge of various AWS Native Security tools, security frameworks, and CSPM tools.
- Experience in security tools such as vulnerability scanners, IDS/IPS, SIEM, firewalls, and endpoint security monitoring.
- Experience with threat detection and threat intelligence.
- Must be proficient in Linux.
- Application security experience with an understanding of SAST, DAST, SBOMs, and other scans and artifacts to help improve application security posture
- Experience with AWS Guard Duty and CrowdStrike or equivalent.
- Strong communication, problem-solving, and collaboration skills.
Desired:
- Experience with Cloudflare and/or AWS WAF configurations.
- Automation experience with one or more of the following: AWS CLI, Bash, Python, Ansible to verify security configurations and automate runbooks is a plus.
- Experience with Microsoft Entra and Mimecast.
- Familiarity with security frameworks such as NIST CSF 2.0.
- Experience with container security (beyond EKS/ECS, e.g., image scanning tools like Trivy).
- Familiarity with CI/CD pipeline security.
- Knowledge of Zero Trust architecture.
- Certifications such as CCSP, AWS Security, OSCP, or equivalent are a plus.
At Onit, we’re committed to offering fair and competitive compensation. In addition to base pay, associates are eligible for an annual discretionary bonus. The final base salary you receive will reflect factors such as your skills, education, experience, and work location.
Benefits & Perks That Support You:
Onit offers a comprehensive total rewards package designed to support the whole employee at work and beyond:
Health Coverage Choices: Three medical plan options, plus dental and vision, so you can choose what fits best. Employees on our HDHP plan also receive employer contribution to the HSA.
Retirement Savings: 401(k) with a 100% match on the first 3% and 50% on the next 2% of employee contributions.
Time Away: Flexible paid time off, 7 sick days, and 9 paid company holidays annually.
Family Support: Exceptional paid leave for birth parents, non-birth parents, and caregivers. Onit also offers surrogacy and adoption reimbursement.
Income Protection: 100% employer-paid life and disability insurance.
Additional Coverage Options: Voluntary benefits including hospital indemnity, critical illness, accident, and even pet insurance.
Tax-Advantaged Accounts: Healthcare FSA, HSA, and dependent care FSA.
Community Engagement: One paid volunteer day each year to give back to the community.
Our Commitment to Applicants
We know that not everyone will check every box in a job description. At Onit, we value diversity, inclusion, and authenticity. If you’re excited about this role but your experience doesn’t align perfectly with every qualification, we encourage you to apply. You may be exactly who we’re looking for.
This position will remain open for applications for 7 calendar days from the posting date.
Top Skills
Ansible
AWS
Aws Waf
Ci/Cd
Cloudflare
Cloudtrail
Cloudwatch
Edr
Ids
Ips
Linux
Python
Security Tools
SIEM
Vulnerability Scanners
Similar Jobs
.png)
Big Data • Healthtech • HR Tech • Machine Learning • Software • Telehealth • Big Data Analytics
The Senior Security Engineer will secure patient data, lead security initiatives, manage vulnerabilities, and advocate for a security culture in the organization.
Top Skills:
AWSElasticsearchIstioKubernetesNatsNode.jsPostgresPythonReactTerraformTypescript
Artificial Intelligence • eCommerce • Information Technology • Internet of Things • Automation
As a Senior Security Engineer, you'll design and manage IAM and IGA solutions, collaborating across Agile teams to enhance security and compliance.
Top Skills:
Azure Active DirectoryEntra IdForgerockIamIdentity Governance And AdministrationMimOauthOidcOktaSailpointSAMLScim
AdTech • Artificial Intelligence • Big Data • Machine Learning • Marketing Tech • Mobile • Software
The Senior Security Engineer will establish secure software development standards, conduct security assessments, and develop security tools while fostering a security-conscious culture across teams.
Top Skills:
ClojureGoJavaScriptPython
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
