Senior Security Engineer I

As a Senior Security Engineer, you will be responsible for designing, implementing, and maintaining the security controls that protect our cloud infrastructure and edge services. You will bridge the gap between high-level security architecture and hands-on infrastructure-as-code (IaC), ensuring our global platforms remain resilient against modern threats, including those targeting cloud-native workloads and AI-driven features.

Depending on your profile, some of your responsibilities can include:

• Experience range 6 to 10 Years 
• CNAPP Management: Act as the primary owner for the Cloud-Native Application Protection Platform (CNAPP), using it to identify misconfigurations, manage vulnerabilities, and enforce compliance across multi-cloud environments.
• Cloud Visibility & Governance: Utilize CNAPP and CSPM (Cloud Security Posture Management) to gain deep visibility into identities, secrets, and data risks, ensuring clear prioritization of security findings.
• Edge & Application Protection: Deploy and manage Web Application Firewalls (WAF) and Edge Security layers to mitigate Layer 7 attacks, DDoS, and malicious bot activity.
• Workload Protection: Oversee Endpoint Detection and Response (EDR) and Cloud Workload Protection (CWPP) to monitor and secure containers, serverless functions, and virtual machines.
• Data & Identity Governance: Design secure key management (KMS) and identity-aware access policies (IAM) to enforce Zero Trust principles.
• Security Automation: Integrate CNAPP findings into the CI/CD pipeline and develop automations via Infrastructure as Code (Terraform/Ansible) to remediate risks at scale.

 

Must have:

• CNAPP Mastery: Deep, hands-on experience with Cloud-Native Application Protection Platforms (CNAPP), specifically focusing on Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP).
• Vulnerability & Risk Management: Proven ability to triage and prioritize cloud security risks (misconfigurations, toxic combinations of permissions, and vulnerabilities) using centralized security platforms.
• Cloud & Edge Protection: Strong experience with Edge Security services, including WAF, DDoS mitigation, and Zero Trust Network Access (ZTNA).
• Infrastructure as Code (IaC): Proficiency in Terraform or Ansible, with a focus on "shifting security left" by scanning IaC templates before deployment.
• Cloud Fundamentals: Expert knowledge of AWS security services, specifically Identity and Access Management (IAM), Key Management Service (KMS), and CloudTrail.
• Technical Communication: Ability to translate complex CNAPP alerts into actionable remediation steps for engineering teams.
• Comprehensive understanding of the OWASP Top 10 and common cloud security vulnerabilities.
• Linux/Unix proficiency.

Nice to have:

• Experience with serverless security and edge computing (e.g., Edge Workers).
• Familiarity with automated security scanning tools (SAST/DAST/IAST).
• Understanding of compliance frameworks (ISO 27001, NIST, SOC2) as they relate to cloud environments.
• Relevant certifications (e.g., AWS Security Specialty, CCSK, or platform-specific CNAPP certifications).