Senior Product Security Engineer

As a scale-up experiencing rapid growth, we are looking for a highly experienced and driven Senior Product Security Engineer to join our Security team. This role is critical to the security, resilience, and operational excellence of our FedRAMP cloud environment and broader SaaS platform.

We are seeking a senior security engineer who can take ownership of complex cloud security challenges, drive technical decisions, and help shape the future of our cloud security program. You will play a key role in designing, operating, hardening, and continuously improving a secure AWS-based environment, with a strong focus on FedRAMP requirements, automation, incident response, and scalable security architecture.

This is an opportunity for someone who thrives in high-impact environments, enjoys tackling difficult technical problems, and wants to help build secure, resilient systems at scale.

What you’ll do

• Serve as a core member of the Cloud Security team with significant influence on the direction, priorities, and execution of the cloud security program.
• Own, operate, maintain, and improve our FedRAMP cloud environment, ensuring it meets high standards for security, availability, compliance, and operational excellence.
• Design, implement, and maintain a secure, scalable, and resilient AWS cloud infrastructure, covering both the cloud platform and the applications running on it.
• Build and improve security controls across cloud resources, including networking, compute, storage, logging, monitoring, and IAM.
• Lead the hardening of AWS environments and Kubernetes-based platforms, applying security best practices and secure-by-default patterns.
• Drive the automation of security controls, operational processes, and compliance requirements to reduce manual effort and human error.
• Partner closely with SRE, platform, and engineering teams to ensure services are deployed and operated securely in highly regulated environments.
• Develop, maintain, and continuously improve incident response capabilities for cloud environments, including detection, containment, investigation, recovery, and post-incident analysis.
• Respond to security incidents, perform deep technical investigations, and drive remediation and long-term corrective actions.
• Proactively identify and mitigate security risks through threat-informed assessments, vulnerability management, and continuous cloud security reviews, including the use of tools such as CNAPP.
• Manage and improve security tooling and services such as SIEM, EDR, cloud-native security tooling, and monitoring platforms, while developing meaningful security and risk metrics.
• Contribute to the development and execution of our cloud security strategy, balancing business needs, engineering velocity, and regulatory obligations.
• Collaborate with engineering teams to understand system designs, guide secure architecture decisions, and help solve complex technical security problems.
• Contribute to cloud security education and training for engineering teams, helping raise the overall security maturity of the organization.
• Stay current on emerging cloud threats, AWS security capabilities, attacker techniques, and industry best practices, and translate that knowledge into practical improvements.