Full-Time Platform Security Engineer

As a Platform Security Engineer, you'll play a key role in securing our engineering ecosystem by developing capabilities, services, and automation that balance speed, scalability, and compliance.

This hands-on role emphasizes AWS security, CI/CD security, and security automation, empowering teams to deliver secure software at scale and quickly remediate issues.

Key Responsibilities:

1. Lead security efforts across AWS cloud, container security (ECS/Kubernetes), CI/CD, and secure cloud-native architectures, ensuring compliance with standards like PCI-DSS, ISO27001, SOC 2, NIST 800-53, and COPPA.
2. Build and enhance security related platform capabilities, involving CI/CD pipelines, infrastructure, reusable templates, and automation, enabling rapid and secure deployments at scale.
3. Design and implement reusable security patterns to promote best practices and compliance across engineering teams.
4. Promote secure delivery practices by embedding security in build and design phases, emphasizing fast feedback, observability, and operational excellence.
5. Collaborate with SecOps, platform, and engineering teams, fostering knowledge sharing and ensuring alignment on security goals.
6. Assess and improve existing security standards, practices, and controls to reduce vulnerabilities and enhance security posture.
7. Develop automation strategies to enforce regulatory controls and ensure continuous compliance.
8. Collaborate on incident monitoring and response, conducting Root Cause Analysis, and recommending mitigation measures.
9. Utilize AWS cloud knowledge, Terraform, and Python to develop secure solutions.
10. Deliver clear security updates, document solutions thoroughly, and communicate effectively with diverse stakeholders.

Required Skills:

• AWS Expertise: 2+ years of hands-on experience with AWS, focusing on IAM best practices and securing resources like EC2, S3, RDS in production environments.
• Linux Proficiency: 4+ years of experience managing and securing Linux systems.
• Security Automation & Tooling: 2+ years of experience implementing security automation and integrating security tooling (e.g., SEIM, SAST/DAST, WAFs).
• Automation/Scripting: 2+ years of experience with Python for automation and scripting in a security/DevSecOps context.
• Git and GitOps: Experience with Git and automated workflows for secure code development.
• Web Security Knowledge: Familiarity with web security best practices, including DNS, firewalls, secure APIs, and database security.
• Cloud Security: Proven ability to secure cloud environments, including implementing security controls, auditing, and monitoring.
• Communication & Collaboration: Strong written and verbal communication skills, explaining complex security concepts to diverse audiences.
• Proven Track Record: Demonstrated ability to identify and address security challenges, delivering effective solutions.

What is the last date for applying to the job?

Which countries are accepted for this remote job?