Own and lead Impiricus’s security architecture across AWS, including identity, network security, data protection, and secure cloud-native services.
Serve as the primary owner of SOC 2 compliance, including control design, evidence collection, audit coordination, and continuous improvement of the control environment.
Design and implement application and infrastructure security controls across the SDLC, partnering with engineering teams to embed security by design.
Lead threat modeling, risk assessments, and security reviews for new products, features, and cross-platform initiatives.
Build and operate detection and response capabilities, including logging, monitoring, alerting, and incident response processes in AWS.
Define and enforce security standards, policies, and best practices, balancing strong security posture with developer velocity.
Partner with product, legal, and leadership to translate regulatory, customer, and business requirements into actionable security initiatives.
Mentor engineers and act as a security thought leader across the organization, raising the overall security maturity and culture.

Requirements

6+ years of experience in cybersecurity, application security, or cloud security roles.
Bachelor’s degree in Computer Science or a closely related technical field.
Strong hands-on experience securing production environments in AWS.
Hands-on experience planning, executing, and reviewing penetration tests (internal and third-party), including driving remediation efforts.
Practical experience implementing, tuning, and operationalizing DAST and SAST tools within CI/CD pipelines.
Deep understanding of secure software development practices, threat modeling, and vulnerability management.
Experience owning or leading compliance initiatives such as SOC 2, including audit preparation and evidence collection.
Strong communication skills with the ability to translate security findings into clear, actionable guidance for engineering and leadership.
Healthcare compliance experience (e.g., HIPAA) and distributed team experience are a plus.

Benefits

Medical, dental, and vision coverage for you and your dependents + on-demand healthcare concierge
Pre-tax savings options for healthcare and dependent care, with monthly employer contributions to HSA (if enrolled in a high-deductible plan)
100% paid short- and long-term disability, plus life and AD&D insurance
Take the time you need with a flexible vacation policy — recharge your batteries your way
12 weeks of paid leave to spend time with your newborn, adopted, or foster child (available after 6 months)
If you’re close to an office, we encourage spending some time in-person to collaborate and connect. If not, remote is always an option.
We’ll ship you the gear you need to create a comfortable workspace at home.
Save for your future with tax advantages (and company match!)

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurityapplication securitycloud securitypenetration testingDAST toolsSAST toolssecure software developmentthreat modelingvulnerability managementAWS

Soft Skills

communicationmentoringleadershipcollaborationproblem-solvingorganizational skillstranslating technical findingscontinuous improvementsecurity thought leadershipbalancing security and developer velocity

Certifications

SOC 2 compliance