Senior Security Engineer (Cloud & Application Security)

Hybrid – New York, NY (Lower Manhattan)

Overview

Seeking a Senior Security Engineer to lead and elevate security across cloud infrastructure, application systems, and data environments for a high-growth, data-intensive SaaS platform operating in a regulated, high-stakes industry.

This is a hands-on engineering role focused on embedding security into architecture, development, and operational workflows. You’ll partner closely with engineering teams to ensure secure-by-design systems across cloud, application, and data layers.

Key Responsibilities

Cloud & Infrastructure Security

• Design and enforce security controls across AWS environments (compute, networking, IAM)
• Strengthen service-to-service communication and cloud architecture patterns
• Improve secrets management, identity boundaries, and least-privilege access models
• Partner with engineering to enhance security within CI/CD workflows
• Evaluate dependency risks and ensure build-time security controls

Application Security

• Review and secure backend services and APIs (Python-based environments)
• Identify and remediate vulnerabilities (authentication, injection, SSRF, etc.)
• Collaborate with developers to implement secure coding practices

Data Security

• Secure large-scale PostgreSQL environments and production databases
• Improve encryption strategies, access controls, and auditability
• Ensure database changes follow secure governance and review processes

Monitoring & Detection

• Implement security monitoring using observability tools (logs, traces, APM)
• Develop detection logic for anomalous system and data behavior

Incident Response

• Lead security incident investigations and postmortems
• Develop and maintain response playbooks for production systems

Qualifications

• 5+ years of experience in security engineering, cloud security, or application security
• Strong experience with AWS in production environments
• Hands-on experience with Python-based backend systems
• Deep understanding of containerized systems (Docker, ECS, Kubernetes, etc.)
• Strong knowledge of PostgreSQL security and access control
• Experience securing CI/CD pipelines (GitHub Actions, CodePipeline, etc.)
• Background in incident response and production systems

Preferred Experience

• Experience in regulated environments (HIPAA or similar)
• Background in SaaS or high-scale data platforms
• Familiarity with multi-account AWS architectures
• Experience working in high-ingestion or real-time data systems

What You’ll Bring

• High attention to detail and a methodical approach to problem-solving
• Ability to operate in high-stakes, high-data-volume environments
• Strong collaboration skills with engineering and infrastructure teams
• Ownership mindset with the ability to drive security initiatives end-to-end