Senior Security Engineer at Chainguard shaping how open source defends itself. Collaborate with teams to enhance security posture and compliance with industry standards.
About the role
- Senior Security Engineer at Wattpad implementing security controls for AWS cloud systems. Collaborating with engineering teams to ensure data protection and secure software practices.
Responsibilities
- Designing, implementing, and monitoring security controls in our AWS cloud infrastructure to balance protection with scalability.
- Influencing the technical direction of the Engineering & Data department by introducing secure development practices and threat modeling.
- Acting as a force multiplier by building security automation workflows and "guardrails" that allow teams to ship code safely and quickly.
- Directly solving complex security challenges, including incident response, root cause analysis, and remediation of vulnerabilities.
- Assisting teams in implementing access management and compliance controls, compliance (SOC 2/ISO 27001), and risk governance.
- Building and maturing our application security program, partnering with engineering teams to triage findings from our Vulnerability Disclosure Program.
- Collaborating with engineers on implementing security best practices to help raise the security bar across the organization.
Requirements
- 5+ years of work experience in SecOps, Cloud Security, DevSecOps, or similar security-focused role
- AWS security expertise: Hands-on experience with Security Hub, GuardDuty, Inspector, AWS WAF, and IAM policy management
- SIEM experience highly desirable: Datadog, Splunk, or similar platforms (query development, alert tuning, incident investigation)
- Proficiency with infrastructure-as-code security: Terraform, CloudFormation, or similar
- Experience with containers and Kubernetes (EKS preferred) including security hardening
- Strong scripting and automation skills: Python, Bash, PowerShell
- Experience securing CI/CD pipelines (GitHub Actions strongly preferred)
- Familiarity with MITRE ATT&CK and D3FEND frameworks
- Understanding of enterprise and cloud network security architecture and controls
- SOC 2 and/or ISO 27001 compliance experience
- Self-starter comfortable with ambiguity - ability to define and execute on loosely-scoped problems
- Balanced communication style - proactive collaborator when needed, deep-focus engineer when required
- Excellent written and verbal communication skills for cross-functional collaboration.
Benefits
- Career development; we believe in mentorship and investing in your learning, supporting you to achieve your goals
- Top industry health benefits, including vision and dental
- Your own health/wellness account to spend each year
- RRSP Contributions (Canada), 401K Contributions (USA)
- Generous vacation and Maternity/Parental leave top-up program
- Corporate discount for gym memberships for you and your family
- Work from almost anywhere in the world for part of the year
- Winter break shutdown and a whole lot more!
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Product Security Engineer securing software delivery pipelines at Chainguard. Focus on cloud - native security in CI/CD processes and Kubernetes environments.
Senior Security Engineer managing AI platform posture at Chainguard to enhance security and efficiency. Collaborating with teams for proactive governance, administration, and risk management.
Sr IAM Engineer managing implementation and support of Secret Management solutions at RBC. Collaborating across teams to deliver secure, scalable identity solutions.
Senior Manager managing IAM compliance and security controls for RBC's enterprise. Overseeing risks, audits, and regulatory inquiries in a global security setting.
Principal Developer specializing in cloud security for Nasdaq. Driving initiatives and influencing technical direction in security for scalable cloud systems.
CM
Cybersecurity Architect at Canaccord Genuity designing proactive security solutions. Collaborating with Security team and implementing Microsoft Defender Suite across hybrid environments.
Operations and Business Intelligence Specialist at Mirego managing contracts and improving BI performance for commercial operations. Collaborating with sales and ensuring smooth execution of processes and billing.
Security Researcher simulating advanced adversaries against Bright Data's collection products. Engaging in R&D while influencing team direction in a fully remote role.
Senior Infrastructure Security Engineer safeguarding Dropbox's digital ecosystem alongside a diverse team. Integrating security seamlessly into Dropbox and empowering confident collaboration.