Senior Security Engineer
Employment Information
Job Description
Senior Security Engineer at NetBox Labs, architecting secure systems and driving DevSecOps practices. Collaborating with engineering leadership to embed security in development and operations workflows.
Responsibilities:
- Enable and guide teams to adopt DevSecOps practices, ensuring security is built into CI/CD and infrastructure pipelines through shared standards, tooling, and best practices.
- Work with IT Manager on company identity and access management: IdP configuration, user/group organization, and automation via cross-platform synchronization and SAML.
- Administer and automate GitHub Enterprise and JFrog management (users, teams, org policies, and compliance) using IaC.
- Operate and tune SIEM, DLP, and centralized logging systems; define and maintain detection and alerting rules.
- Review audit logs and security telemetry across cloud, SaaS, and developer systems for anomalies and compliance issues.
- Work with IT Manager to build automated onboarding/offboarding and access reviews aligned with least-privilege principles.
- Collaborate with platform, product, and engineering teams to design secure-by-default workflows, infrastructure, and deployment practices, ensuring consistent security controls across products.
- Conduct risk assessments, tabletop exercises, and threat simulations in concert with engineering and operations teams, ensuring security readiness is collaborative and integrated.
- Lead and coordinate penetration testing efforts, including scoping, vendor engagement, and remediation tracking.
- Support SOC 2 and related compliance efforts through control validation and evidence collection.
- Help respond to and complete customer and vendor security questionnaires, collaborating with compliance and engineering teams to ensure accurate and timely answers
Requirements:
- 5+ years in security, IT, DevSecOps, or platform engineering roles.
- Deep understanding of identity management, SSO, and federation (Google Workspace, Okta, Auth0, OIDC/SAML).
- Experience managing and automating users, groups, org policies, and compliance controls on systems like AWS, GCP, GitHub Enterprise, and JFrog.
- Experience implementing and improving software supply chain security, including integrating security into CI/CD pipelines (e.g., GitHub Actions).
- Experience managing SIEM/DLP platforms (e.g., Datadog, Splunk) and writing detection rules.
- Strong automation skills (Python, Go) and proficiency with infrastructure-as-code (Terraform).
- Familiarity with SOC 2 and security frameworks (NIST, CIS, OWASP).
- Excellent communication and documentation skills.
Benefits:
- Offers Equity
- Offers Bonus
Similar Jobs
Senior AI/ML Engineer, Applied Machine Learning – Security Clearance
Trase
Senior Machine Learning Engineer optimizing and developing ML models at Trase Systems. Focus on model training, pipelines, and collaboration with business teams to drive innovation.
Senior Security Research Engineer
Proofpoint
Security Research Engineer on Proofpoint's Threat Research team analyzing threat actors and developing tools. Collaborating effectively within a remote team to support threat tracking and reporting.
Senior Security Consultant – PCI/QSA
Strata Information Group
Senior Security Consultant performing security audits based on PCI and NIST standards. Identifying vulnerabilities and developing strategies to secure organizations throughout the U.S.
Digital Consultant – Microsoft Security, Bilingual English
Concentrix
Digital Consultant for Microsoft Security driving measurable outcomes through technical delivery and strategic alignment. Supporting operationalization of Microsoft Security E5 suite and customer transformation journeys.
Senior Security Architect – Southwest Region
GuidePoint Security
Senior Security Architect responsible for technical client interactions and implementing security controls. Serving Southern California region with hands-on security engineering expertise.
Head of Product Security
Instacart
Head of Product Security overseeing secure engineering practices and product security at Instacart. Leading teams across offensive security, architecture reviews, and threat modeling.
IT Security Specialist
Spiralyze
Lead critical work in Security & Compliance for a fast-growing CRO. Strengthening security processes and ensuring safety for agency and clients.
Cyber Security Specialist
Spiralyze
Cyber Security Specialist managing security processes for clients in a fully remote environment. Responsible for implementing security measures and ensuring compliance across various frameworks.
Project Coordinator – Autotask MSP Dispatcher, Microsoft Focused CyberSecurity
Agile IT
Project Coordinator at Agile IT coordinating ticket dispatch and managing project schedules. Supporting customer interactions and maintaining operational workflows for a Microsoft-focused consulting firm.
Senior Manager, Security Risk & Compliance
RTX
Physical Security Risk & Compliance Lead at Pratt & Whitney developing and coordinating security compliance programs across business units. Collaborates with various teams to ensure safety standards and policies are upheld.
Lead Security Engineer
Swiftly, Inc.
Lead Security Engineer strengthening security for Swiftly's transit data platform. Collaborate with teams to design secure solutions and drive compliance roadmap while fostering a security-aware culture.
Security Consultant II
Akamai Technologies
Security Consultant II ensuring customer support and integration of Akamai's products. Acting as a trusted advisor and delivering high-quality services to clients through effective collaboration.
Senior Safety & Security Officer
AECOM
Senior Safety & Security Officer overseeing transit safety and security certification processes for AECOM. Managing documentation, design reviews, and annual plans across projects in Austin, TX.
Director, Information Security – ASM / VM
OpenLoop
Director of Information Security responsible for managing vulnerabilities and risks at OpenLoop. Leading cybersecurity initiatives for remote teams and supporting operational efficiencies.
Senior Product Manager, Security Domain
Sigma Software Group
Senior Product Manager in the Security domain managing Microsoft 365-centric SaaS security solutions. Collaborating with teams to enhance product offerings and meet compliance needs.
Virtual Chief Information Security Officer – vCISO
RSI Security
Remote Chief Information Security Officer providing leadership in security and compliance for clients. Overseeing development of security strategies and advising on risk management and compliance programs.
Analista de Operaciones – Ciberseguridad
IRIUM
Analista de Operaciones N1 o N2 buscando experiencia en ciberseguridad para colaborar en proyecto remoto para administración pública. Se requiere manejo de herramientas SIEM y EDR.
Principal Product Marketing Manager – Application Security
GitLab
Principal Product Marketing Manager for GitLab's security solution set. Shape and influence security capabilities across software development lifecycle with autonomy and collaboration.
Technical Support Engineer – AI Cybersecurity Platform
Abnormal Security
Technical Support Engineer providing L1 support for enterprise customers using a behavior AI Cybersecurity platform. Collaborating with Engineering teams to resolve technical issues and enhance customer trust.
Compliance Security Engineer
Veeam Software
Compliance Engineer supporting compliance posture of Veeam's cloud-native SaaS platform. Building continuous monitoring processes for regulatory compliance across Azure and AWS environments.