Senior Security Engineer

Responsibilities

• Application Security: Design, implement, and maintain application security processes and tooling such as SAST, SCA, containers, etc.
• Security Architecture/Code Review: Collaborate with software developers and system administrators to review and improve the security architecture of new and existing applications, systems, and code. Familiarity with threat modelling, design reviews are helpful.
• Product Vulnerability Management: Conduct regular security assessments, vulnerability scans, and web application scanning. Work with engineering teams on notification, remediation, and patching strategies.
• Security Monitoring and Analytics: Monitor security events, analyze logs, and generate reports to identify suspicious activities, potential threats, and security breaches.
• Compliance: Establish and enforce security policies, standards, and guidelines in alignment with industry best practices, legal requirements, and internal security policies.
• Cloud Security: Familiar with security features and services for major cloud providers such as AWS and Azure. Design, implement, and maintain security infrastructure components such as Security Hub, Inspector, Config, Defender for Cloud
• Incident Response: Investigate security incidents and breaches to determine the root cause and implement necessary corrective actions to prevent future occurrences.

Successful candidate will have many of the below skills and accomplishments

• Degree or diploma in relevant field or equivalent work experience. Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
• Proven experience as a Security Engineer or in a similar role, demonstrating hands-on experience in security implementation and management.
• Strong knowledge of security protocols, cryptography, and common security technologies.
• Ability to automate security tasks and integrate with various CI/CD tooling and processes.
• Comfortable with one or more scripting languages and reading basic scripts (python, C#, powershell, bash, etc…)
• Comfortable with writing pipelines for automation tasks (Jenkins, AzDO, GitLab, Github)
• Comfortable writing IaC (CDK, CloudFormation, Terraform)
• Familiarity with industry regulations and frameworks such as ISO 27001, SOC2, NIST 800-53, etc…
• Excellent problem-solving and analytical skills to identify and address security vulnerabilities effectively.
• Strong communication and interpersonal skills to collaborate with cross-functional teams and articulate complex security concepts to non-technical stakeholders.


Join us as a Senior Security Engineer and make a significant impact by fortifying our organization's security posture and ensuring the confidentiality, integrity, and availability of our critical assets.

The Most Important Thing

• We’re looking for candidates that can provide examples of how they demonstrated Magnet CODE in their previous experiences.


• CARE  -We care about each other and our mission to make a difference in the world.
• OWN  -We are accountable for or results – while never forgetting to act with integrity, empathy, and respect.
• DEDICATE  -We put our heart and soul into meeting the needs of our customers and helping them serve the people they protect.
• EVOLVE  -We are constantly innovating and exploring new ways to work together to make an impact with our work.