Senior Security Engineer
About the Role
You will bolster existing defenses and identify and reinforce weaknesses in applications, systems, and processes. You will perform threat modeling, design security protocols, discover vulnerabilities in software systems, and document and resolve identified issues. You will define secure development and key management practices, design controls for compliance, select SIEM tooling for monitoring, lead incident response, and apply cryptography and secure coding to protect on and off-chain assets. Expect to perform hands-on testing, review designs for security requirements, and drive security improvements with minimal oversight.
Requirements
- Five or more years experience in a security engineering or related role
- Proven experience across network security, incident response, threat modeling, and identity and access management
- Ability to identify and lead security initiatives without direct oversight
- Strong communication skills for technical and non-technical audiences in a remote environment
Responsibilities
- Maintain threat models and security system documentation
- Coordinate penetration testing and triage identified issues
- Perform white-box security testing of security-critical features
- Define security requirements and review application and AWS infrastructure designs
- Design and implement controls for regulatory and standards compliance
- Define internal best practices for secure development and data handling including key material management
- Identify SIEM tooling needs and help select suitable solutions
- Maintain the security incident response plan and lead incident response
- Establish and maintain monitoring for endpoints and application systems
- Share security knowledge with other engineering roles