Security Engineer

Key Skills:

Roles and Responsibilities:

• Monitor, analyze, and respond to emerging security threats; lead incident response efforts to contain and mitigate security incidents.
• Collaborate with Cloud, Platform, and Front-Office teams to integrate security best practices into core operations and deployments.
• Identify system vulnerabilities and work on designing and implementing security controls to strengthen the company's defense posture.
• Conduct security audits, secure code reviews, and continuous security testing across applications and infrastructure.
• Evaluate third-party vendors and ensure their solutions align with internal security strategies and compliance requirements.
• Support secure DevOps practices by integrating security tooling into CI/CD pipelines (e.g., SAST, secret scanning).
• Drive and contribute to projects across Cloud Security, Application Security, and Red Teaming based on skillset and business priorities.

Skills Required:

• 3-5 years of experience in Security Engineering, Security Operations, DevSecOps, or related roles.
• Proficiency in at least one scripting or programming language (Python, Go, PowerShell, Bash).
• Application Security: Hands-on experience with secure code reviews, CI/CD pipeline integration (e.g., GitHub, GitLab), SAST tools, and secrets scanning.
• Cloud Security: Strong knowledge of AWS or GCP security best practices, and working with Infrastructure as Code (Terraform).
• Corporate Security: Familiarity with Vulnerability Management, Endpoint Protection (Windows & Mac), Network Security, MDM, and Microsoft Entra (Azure AD).
• Red Team Experience: Understanding of offensive security practices, tooling, and penetration testing methodologies

Behavioral Competencies:

• Ability to clearly communicate complex security topics to technical and non-technical audiences.
• Self-starter with a continuous learning mindset in a fast-evolving threat landscape.
• Strong attention to detail and critical thinking to identify and resolve security risks.
• Effective collaborator across cross-functional teams including DevOps, Engineering, and Business stakeholders.
• Proven ability to own and lead security initiatives independently in a globally distributed team.

Nice to Have:

• Experience in offensive security or Red Team operations.
• Exposure to DevSecOps frameworks and security automation in CI/CD.
• Experience with tools like Kali Linux, Burp Suite, or Metasploit.

Education:

• Bachelor's or Master's degree in Computer Science, Engineering, or a related field.
• Security certifications (e.g.,

  OSCP

  ,

  SANS

  ) are a strong plus.