Principal Security Engineer

You will implement and maintain security controls across multi-cloud (AWS, Azure, GCP, AliCloud) and on-premises infrastructure. You will own IAM strategy and implement identity and access models, and design and operate key management and custody controls such as HSMs and secrets management. You will harden CI/CD pipelines (GitLab), secure the software delivery process, and configure corporate security tooling including endpoint protection, MDM/Jamf, DLP and identity management. You will respond to security incidents by triaging, investigating, containing and remediating, conduct security assessments of infrastructure and applications, automate detection, alerting and response, and embed security into cloud provisioning and system configuration. Expect to write code, configure systems, and ship security improvements with end-to-end ownership.

Responsibilities

• Implement and maintain security controls across multi-cloud and on-premises infrastructure
• Own IAM strategy and implementation
• Design and operate key management and custody controls such as HSMs and secrets management
• Harden CI/CD pipelines and secure the software delivery process
• Configure and operate corporate security tooling including endpoint protection, MDM/Jamf and DLP
• Respond to security incidents by triaging investigating containing and remediating
• Conduct security assessments of infrastructure and applications
• Automate detection alerting and response
• Embed security into cloud provisioning and system configuration

Requirements

• 8+ years hands-on experience in security engineering or security operations
• Experience designing and implementing IAM across cloud environments
• Working knowledge of cloud security controls across multiple providers with emphasis on AWS and Azure
• Experience securing CI/CD platforms, GitLab preferred
• Familiarity with corporate IT security tooling such as Jamf endpoint protection DLP and SSO/IdP
• Comfortable in Linux environments and scripting with Python Bash or similar
• Experience with infrastructure-as-code such as Terraform or Pulumi is a plus
• Exposure to financial services crypto or other regulated environments is a plus

Benefits

• Direct ownership of security implementation
• A small technical team where your work has immediate impact
• Exposure to low-latency trading infrastructure and the digital asset space