Manager, IT Cyber Security
Centerline
CloudCyber Security
Senior Security Engineer
Granum
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteJob Level
Senior
Tech Stack
AWSAzureCloudSDLCTerraform
About the role
- You'll be deeply hands-on, collaborating with Platform and AI teams, and reporting to the VP of Engineering (Platforms & AI Enablement).
- Leading Security Foundations: Implementing technical security controls across Azure/AWS, networks, and applications using infrastructure as code, automation, and DevSecOps.
- Driving Policy into Practice: Creating and operationalizing security policies, benchmarks, and guardrails with a focus on automation and self-service for engineers, translating governance into CI/CD checks and access controls.
- Championing Security as Code: Building and maintaining security-relevant Terraform modules and IaC policies, evolving our infrastructure repo, and fostering "security as code" throughout the SDLC.
- Shifting Left on Security: Embedding static analysis, dependency/container scanning, and compliance checks into CI/CD pipelines (Github Actions).
- Governing Identity, Access, & Secrets: Designing secure patterns for RBAC, multi-tenant SaaS security, and key management (Azure AD/OAuth/OIDC).
- Strengthening Data Security: Enhancing application-level controls (e.g., RBAC, audit logs, data classification) and guiding engineering on secure coding and AI/ML pipeline management.
- Securing AI/ML Workflows: Developing security and governance for AI/ML, including handling of training data (PII), model access/audit, and AI-powered features.
Requirements
- 6+ years hands-on experience in security, DevSecOps, platform engineering, or infrastructure within a SaaS or cloud-native environment.
- Cloud Security Expertise: Strong experience building secure cloud infrastructure (Azure and/or AWS) using infrastructure-as-code (Terraform preferred).
- Automation & Code Proficiency: Demonstrated ability to translate security policy into practice via actual code, automation, and CI/CD pipelines.
- Technical Acumen: Experience with tools/practices like static code analysis, container/dependency scanning, RBAC, OIDC & identity standards, secret management, cloud networking, and observability.
- Regulatory Knowledge: Working knowledge of modern authentication, network segmentation, encryption, and regulatory concepts (SOC2, PCI, GDPR) applied to SaaS.
- Builder Mentality: A security mindset that focuses on creating robust, automated solutions rather than just identifying problems or writing policy documents.
- Collaborative Communication: Excellent communication skills with an approach that brings other engineers along, influencing through code, automation, and enablement.
- Learning Agility: Willingness and excitement to learn new things, especially at the intersection of security and AI/ML.
Benefits
- We prioritize your well-being with comprehensive health, dental, and vision plans for you and your family.
- 401K Matching!
- We also offer additional options for HSA (with employer contribution!), FSA, Dependent Care FSA, short-term/long-term disability, life insurance, legal assistance, and much more!
- We invest in your growth through conferences, courses, or any tools that help you advance.
- Enjoy a great work-life balance with unlimited Paid Time Off, paid company holidays, and a company-wide shutdown from Dec 24 - Jan 1 for a well-deserved holiday break.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
securityDevSecOpsplatform engineeringinfrastructure as codeTerraformstatic code analysiscontainer scanningRBACOIDCencryption
Soft skills
collaborative communicationbuilder mentalitylearning agility
Certifications
SOC2PCIGDPR
