Senior Product Security - Senior DevSecOps Engineer

Location: (On-site / Hybrid / Remote – NY, Bay Area, Chicago, Greenville)
Department: Technology

About The Role

At MrBeast, we operate at massive scale — content, commerce, fintech, philanthropy, and global digital platforms. Security isn’t an afterthought. It’s a foundational capability.

We’re looking for a Senior Product Security — Senior DevSecOps Engineer to architect and scale a security-first engineering culture across our cloud infrastructure and CI/CD pipelines. This is not a reactive security role — this is a builder role.

You will embed security directly into our development workflows, automate detection and response at scale, and harden our AWS and GCP environments against evolving threats. You’ll partner deeply with Engineering, IT, and Compliance to ensure our systems remain resilient as we grow.

If you thrive on ownership, love automating everything, and want to build modern security infrastructure from the ground up — this role is for you.

What You’ll Do

Cloud Infrastructure Security

• Design and implement security guardrails across AWS and GCP.
• Embed policy enforcement and compliance checks into Terraform modules.
• Perform architecture reviews and ongoing hardening of multi-cloud environments.
• Lead threat modeling for new infrastructure and product initiatives.
• Own secrets management strategy across Vault, AWS Secrets Manager, and GCP Secret Manager.

SDLC Security

• Integrate SAST, DAST, and dependency scanning into GitHub Actions pipelines.
• Lead secure code review programs and promote secure-by-design practices with engineering teams.
• Identify and remediate vulnerabilities before they reach production.

Detection Engineering

• Build and tune detection logic within SIEM platforms, mapped to MITRE ATT&CK.
• Improve alert fidelity through correlation logic and noise reduction.
• Define log aggregation and monitoring coverage across application and infrastructure layers.
• Conduct regular detection coverage gap analysis.

Incident Response Automation

• Build and maintain SOAR playbooks for repeatable response workflows.
• Drive down MTTD and MTTR through automation and process improvement.
• Update playbooks based on lessons learned from post-incident reviews.

Compliance & GRC Support

• Automate evidence collection for audits and regulatory requirements.
• Translate compliance controls into technical enforcement mechanisms.
• Support scaling of compliance programs without proportional overhead growth.

What You Bring

Required Experience

• Staff / Lead: 8–10 years of experience in DevSecOps, Cloud Security, or Product Security Engineering roles.
• Deep hands-on experience securing AWS and GCP environments.
• Advanced Terraform expertise (infrastructure as code, modules, policy-as-code).
• Strong Python proficiency for automation, API integrations, and custom tooling.
• Hands-on experience with SIEM and SOAR platforms (design, integration, detection engineering).
• Deep familiarity with CI/CD security best practices and GitHub Actions.

Strongly Preferred

• Experience designing and managing identity architectures (Okta, Azure AD, or similar), including SSO, SCIM, lifecycle automation, and conditional access.
• Familiarity with Elastic SIEM or modern log aggregation platforms.
• Experience with EDR/XDR platforms (SentinelOne, CrowdStrike, Defender), including policy tuning and telemetry integration.
• Experience managing endpoint security controls and MDM solutions (Jamf, Intune, etc.).
• Experience securing Google Workspace environments.

What Success Looks Like

• Security is seamlessly embedded into every CI/CD workflow.
• Cloud environments are hardened with automated guardrails.
• Detection systems produce high-confidence, actionable alerts.
• Incident response workflows are automated and measurable.
• Compliance evidence collection is largely automated and audit-ready.

Why This Role Is Different

• You’ll own security architecture across multiple cloud environments.
• You’ll influence engineering standards across the company.
• You won’t be “reviewing tickets” — you’ll be building scalable systems.
• You’ll operate at the intersection of DevOps, Security, and Automation.