Senior Security Engineer (Remote, Tech Industry)

Job summary

This role involves enhancing the security posture of a platform by overseeing application and infrastructure security across various layers, including cloud and API. The position requires collaboration with multiple teams to proactively identify and respond to security threats.

Qualifications

• Over 8 years of experience in application, infrastructure, and web security.
• Expertise in OWASP Top 10 vulnerabilities and DDoS attack management.
• Strong knowledge of Cloudflare and AWS security practices.
• Familiarity with compliance frameworks such as ISO 27001 and PCI-DSS.

Responsibilities

• Manage the security posture of web, API, and infrastructure surfaces.
• Identify and remediate vulnerabilities in frontend and backend systems.
• Design security controls at the Cloudflare edge and harden AWS environments.
• Lead threat modeling sessions and monitor security incidents.
• Conduct penetration testing and vulnerability assessments.
• Produce security reports and manage a bug bounty program.

Skills

• Proficiency in penetration testing tools like Burp Suite and OWASP ZAP.
• Strong understanding of API security and secure coding practices.
• Excellent communication skills for reporting and stakeholder engagement.

Education

• Relevant degree or equivalent experience in cybersecurity or related fields.

Tools

• Experience with SIEM platforms and security testing integrated into CI/CD pipelines.