Collaborate with IT, SRE and Software engineering teams to define and implement security best practices across Serve’s cloud infrastructure (AWS/GCP).
Develop and support internal security risk assessment processes as part of Serve’s software and system lifecycle and third party vendor acquisitions.
Develop, maintain, and improve automation tools for secure configuration management and continuous monitoring (e.g., runtime security, image scanning, IAM policy enforcement).
Design and deploy infrastructure and application security controls to protect critical information systems.
Design and deploy endpoint security measures to protect IT managed devices.
Design and implement IT infrastructure hardening requirements for on-premise network infrastructure: firewalls, switches, and on-premise storage etc.
Research and monitor threats and vulnerabilities, perform impact assessments and drive remediation actions partnering with engineering teams.
Participate in the triage, investigation, and resolution of security incidents.
Participate in the Security team on-call rotation.

Requirements

3-5 years of hands-on experience in security engineering, DevSecOps, or infrastructure security roles.
Solid understanding of cloud platforms (AWS and/or GCP) and their security services.
Strong knowledge of Linux systems and core networking protocols (TCP/IP, DNS, HTTP).
Familiarity with infrastructure-as-code tools such as Terraform or CloudFormation.
Experience with container security best practices and tools (Docker, Kubernetes).
Proficiency in at least one scripting language (Python, Bash, etc.).
Excellent communication and collaboration skills across technical and non-technical teams.
Familiarity with secure authentication protocols (OAuth, SAML) and cryptographic key management.
Experience with vulnerability scanning and compliance tooling.
Exposure to security frameworks and standards (NIST, ISO27001, CIS Benchmarks).
Programming experience in languages like C, C++, or JavaScript.
Security certifications such as AWS Security Specialty, Google Cloud Security Professional, or CISSP.
A strong sense of ownership and accountability in your work.
The ability to work independently, ask questions, and drive projects forward.
Continuous learning and a genuine interest in security across domains.
Empathy, clear communication, and a collaborative mindset.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security engineeringDevSecOpsinfrastructure securitycloud platformsLinux systemsnetworking protocolsinfrastructure-as-codecontainer securityscripting languagesvulnerability scanning

Soft Skills

communication skillscollaboration skillsownershipaccountabilityindependenceproblem-solvingcontinuous learningempathyclear communicationcollaborative mindset

Certifications

AWS Security SpecialtyGoogle Cloud Security ProfessionalCISSP