Senior security Engineer

Manage security tools and systems (SIEM, IDS/IPS, endpoint protection, vulnerability management).

Monitor, analyze, and triage security events, alerts, and logs to identify threats and vulnerabilities.

Perform incident response activities, including containment, eradication, recovery, and documentation.

Investigate and analyze security incidents, determine root cause, and recommend remediation.

Execute incident response playbooks and SOPs.

Triage and manage bug bounty submissions, code scanning results, and vulnerability findings, ensuring remediation and validation.

Collaborate with engineering and product teams to embed “shift left” security practices in the software development lifecycle.

Experience with DevSecOps, DevOps, CICD pipelines, and secure code development.

Assist with internal and external vulnerability scanning, segmentation testing, and penetration testing programs.

Create and maintain security metrics and reporting dashboards for leadership visibility.

Stay current with evolving security threats, vulnerabilities, and industry best practices; recommend enhancements to improve the company’s security posture.

Administer and monitor Identity & Access Management (IAM) systems, enforcing least privilege, segregation of duties, and periodic access reviews.

Develop and maintain policies, procedures, and controls for privileged account management to reduce insider and external risk.

Experience in a senior security role with a proven track record of leadership and mentorship.

Strong knowledge of security principles, technologies, and best practices, including network security, encryption, authentication, access control, and vulnerability management.

In-depth experience with security tools such as SIEM, IDS, and vulnerability scanners.

Deep understanding of cloud security concepts and technologies (e.g., AWS, Azure, GCP).

Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash.

Experience with incident response and forensics, including log analysis, malware analysis, and threat hunting.

In-depth understanding of industry standards and frameworks such as ISO 27001, NIST, PCI DSS.

Excellent analytical and problem-solving skills, with the ability to guide others in the analysis of complex security incidents and provide actionable recommendations.

Strong communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.

Excellent analytical skills.

Self-starter with the ability to work with minimal supervision.

Experience working on large cross-functional teams, representing security on initiatives such as change management, identity and access management, policy management, and data retention.

Strong writing skills and the ability to communicate information about complex issues to stakeholders in a clear and easy to understand way

Ability to develop creative and adaptive solutions to unique and complex inquiries

Comfortable with a rapid-pace working environment and meeting deadlines

Team-focused, positive attitude, and good sense of humor

Required:  Bachelor’s Degree; Minimum 5+ years of technology project/program management.