Prometheum

Senior Infrastructure Security Engineer

Senior Infrastructure Security Engineer at Prometheum managing AWS cloud infrastructure and security operations. Designing secure systems while ensuring regulatory compliance in a fintech environment.

Posted 5/16/2026 • full-time • Remote • 🇺🇸 United States • Senior • 💰 $160,000 - $185,000 per year

Tech Stack

Tools & technologies
AWS, Cloud, DNS, Docker, Go, Python, Terraform, TypeScript

About the role

Key responsibilities & impact
  • This is a senior, hands-on role with intentionally broad scope.
  • Cloud infrastructure, security operations, and regulatory compliance are consolidated into a single function rather than distributed across a large team.
  • Design and maintain secure AWS cloud infrastructure using Terraform and Terragrunt, with a focus on IAM least-privilege, account isolation, and security guardrails across multiple AWS environments.
  • Manage AWS network security: VPC segmentation and design, Transit Gateway architecture, PrivateLink for service isolation, Network Firewall, and Route 53 Resolver for DNS security.
  • Manage and maintain Cloudflare infrastructure including DNS, WAF, and edge compute.
  • Architect and operate Cloudflare Zero Trust — including Access policies, Tunnel configuration for private network routing, Gateway egress filtering and DNS security policies, and WARP client deployment.
  • Manage and tune AWS-native security tooling: GuardDuty, Security Hub, Config, Inspector, CloudTrail, and WAF.
  • Integrate security controls into CI/CD pipelines (GitHub Actions) — including SAST, DAST, container image scanning, dependency vulnerability checks, and secrets detection.
  • Enhance container and workload security through image signing, admission controllers (Kyverno), runtime policies, and base image hygiene.
  • Manage dependency and patch lifecycle across Docker images, Helm charts, Terraform modules, and application packages.
  • Own and operate security monitoring and incident response: maintain SIEM/log aggregation pipelines, tune alerting for anomalous behavior and policy violations, lead root cause analysis, and document post-mortems.
  • Conduct and coordinate vulnerability assessments; track findings through to remediation.
  • Automate compliance checks and drift detection using infrastructure scanning and policy-as-code tooling.
  • Participate in on-call rotation to respond to security and infrastructure incidents.
  • Support SEC and FINRA compliance obligations by implementing and documenting technical controls, and partner with legal and compliance teams during audits and regulatory reviews.
  • Document infrastructure patterns, access controls, and security architecture for audit readiness.

Requirements

What you’ll need
  • 7+ years of experience in information technology or cloud infrastructure
  • 5+ years of experience in infrastructure, security engineering, or DevOps — with meaningful hands-on overlap across all three
  • Strong AWS expertise across security-relevant services: IAM, VPC, GuardDuty, Security Hub, Config, CloudTrail, Secrets Manager, KMS, Network Firewall, and PrivateLink
  • Production experience with Cloudflare Zero Trust — Access, Tunnel, Gateway, and WARP; familiarity with Cloudflare Workers or edge compute is a plus
  • Solid AWS networking knowledge: VPC design and segmentation, Transit Gateway, PrivateLink, Route 53 Resolver, and Network Firewall in a multi-account environment
  • Strong Infrastructure-as-Code skills using Terraform and Terragrunt
  • Hands-on experience securing CI/CD pipelines: SAST, container scanning, secrets detection, and policy gates in GitHub Actions or similar
  • Experience operating a security observability stack; Datadog is our current platform and familiarity with it is a plus
  • Experience operating in a regulated financial services environment and the compliance obligations that come with it
  • Experience with vulnerability management lifecycle: scanning, prioritization, tracking, and remediation
  • Proficiency in at least one scripting or programming language: Python, Go, Bash, or TypeScript
  • Strong written communication skills — able to produce documentation that satisfies both engineering and audit audiences.

Benefits

Comp & perks
  • Competitive salary based on experience
  • Excellent benefits including: Health, Vision & Dental Insurance
  • Fully remote position with equipment provided

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
AWS, Terraform, Terragrunt, Cloudflare Zero Trust, CI/CD, SAST, container scanning, vulnerability management, Python, Go
Soft Skills
strong written communication, root cause analysis, documentation, incident response, collaboration