Security Engineer

• Cloud Infrastructure Security Design: Architect and implement secure cloud infrastructure, ensuring compliance with industry-standard security frameworks (NIST, CIS Benchmarks, ISO 27001).

• Security Automation & DevSecOps: Utilize Infrastructure as Code (IaC) tools like Terraform or CloudFormation to automate security configurations and embed security scanning (SAST/DAST/IaC scanning) into CI/CD pipelines.

• Continuous Monitoring & Analysis: Monitor, analyze, and interpret logs (AWS CloudTrail, Azure Monitor) for signs of suspicious activity, utilizing SIEM systems (Splunk, Elastic) and CSPM tools (Wiz, Prisma).

• Threat Detection & Incident Response: Investigate and respond to security incidents, performing forensic analysis on cloud-native services (containers, serverless functions) to mitigate threats.

• Identity & Access Management (IAM): Design and manage zero-trust IAM policies, role-based access controls (RBAC), and multi-factor authentication (MFA) to prevent unauthorized access.

• Vulnerability Management: Perform regular penetration testing, vulnerability scanning, and configuration audits of virtual machines, containers, applications, and network components.

• Security Policy Enforcement: Develop and document cloud security policies, ensuring adherence to regulatory requirements (NIST, HIPAA, PCI-DSS).

• Possess 3–5+ years in cybersecurity, with at least 2+ years of hands-on experience in cloud infrastructure security (AWS, Azure, or GCP)

• Have proficiency in native security tools (e.g., AWS Security Hub, Azure Defender, GuardDuty) and third-party tools (e.g., Wiz, Snyk, Palo Alto)

• Have strong scripting capabilities (Python, Bash, or PowerShell) for automation of security tasks

• Possess deep knowledge of Terraform, Ansible, or CloudFormation

• Have a thorough understanding of networking protocols (TCP/IP, VPN, DNS, TLS) and virtual networking (VPCs, Subnets, Firewalls)

• Demonstrate proven experience in log analysis, threat modeling, and root cause investigation

Note: We operate in an industry where women, as well as other minority groups, are systematically under-represented. We encourage you to apply even if you don’t meet all the listed qualifications; ability and impact cannot be summarized in a few bullet points.

• Certifications: Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), AWS Certified Security – Specialty, or Azure Security Engineer Associate

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field

• Frameworks: In-depth knowledge of NIST CSF, NIST 800-53, FedRAMP, or CMMC

• Helsing’s work is important. You’ll be directly contributing to the protection of democratic countries while balancing both ethical and geopolitical concerns

• The work is unique. We operate in a domain that has highly unusual technical requirements and constraints, and where robustness, safety, and ethical considerations are vital. You will face unique Engineering and AI challenges that make a meaningful impact in the world

• Our work frequently takes us right up to the state of the art in technical innovation, be it reinforcement learning, distributed systems, generative AI, or deployment infrastructure. The defense industry is entering the most exciting phase of the technological development curve. Advances in our field of world are not incremental: Helsing is part of, and often leading, historic leaps forward

• In our domain, success is a matter of order-of-magnitude improvements and novel capabilities. This means we take bets, aim high, and focus on big opportunities. Despite being a relatively young company, Helsing has already been selected for multiple significant government contracts

• We actively encourage healthy, proactive, and diverse debate internally about what we do and how we choose to do it. Teams and individual engineers are trusted (and encouraged) to practice responsible autonomy and critical thinking, and to focus on outcomes, not conformity. At Helsing you will have a say in how we (and you!) work, the opportunity to engage on what does and doesn’t work, and to take ownership of aspects of our culture that you care deeply about