A leading financial services company is seeking a
Senior Security Engineer to help design, implement, and enhance security controls across cloud environments, containerized workloads, and modern software development pipelines. This role requires a well-rounded security engineering background, with a strong emphasis on securing cloud-native applications, CI/CD processes, and infrastructure as code (IaC).
Responsibilities: - Design and implement security best practices for cloud-native architectures, ensuring robust protection across multi-cloud environments.
- Develop and enforce security policies for Kubernetes, containers, and microservices, integrating security controls into container orchestration platforms.
- Leverage Cloud-Native Application Protection Platforms (CNAPP) to detect, assess, and remediate security risks across cloud workloads.
- Embed security into CI/CD pipelines and GitOps workflows, ensuring secure code deployment and infrastructure automation through IaC.
- Conduct security assessments of cloud configurations, infrastructure as code, and third-party integrations, identifying and mitigating vulnerabilities.
- Implement and refine data protection strategies, including encryption, tokenization, and access controls to safeguard sensitive financial data.
- Strengthen network security by optimizing firewall policies, IDS/IPS configurations, and secure access service edge (SASE) solutions.
- Enhance endpoint security across diverse environments, integrating EDR/XDR solutions to detect and respond to threats.
- Collaborate with DevOps, software engineering, and IT teams to integrate security into development lifecycles and operational workflows.
- Stay ahead of emerging threats, attack techniques, and security technologies, proactively strengthening security posture.
Key Qualifications: - Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- 7+ years of security engineering experience, with a focus on cloud security and modern application security practices.
- Hands-on experience securing AWS, Azure, or GCP environments, including IAM, logging, and workload protection.
- Expertise in securing Kubernetes, Docker, and containerized applications, including runtime security and vulnerability management.
- Proficiency in implementing security within CI/CD pipelines, GitOps workflows, and infrastructure as code (Terraform, CloudFormation, or similar).
- Familiarity with CNAPP, CSPM, and container security tools such as Wiz, Prisma Cloud, Aqua Security, or Lacework.
- Experience with data protection mechanisms, including DLP, encryption, and data classification.
- Knowledge of network security fundamentals, including firewalls, IDS/IPS, SASE, and zero trust architecture.
- Understanding of endpoint security solutions, including EDR, XDR, and advanced threat protection.
- Strong scripting or programming skills (Python, Bash, or similar) to automate security processes.
- Experience working in highly regulated environments and aligning security practices with compliance requirements.
- Security certifications such as CISSP, CKS, CCSP, or relevant cloud security certifications are a plus.
This is a full-time position with a leading financial services institution; candidates must be willing to undergo background check and employment verification as applicable by law/regulation.
Candidates must be legally authorized to work in the United States at time of hire. Unfortunately sponsorship is not available for this position.