Original listing text, shown exactly as published by the company.
Your Mission
As part of the Engine team, you’ll play a vital role in an environment where innovation meets collaboration. You will drive work independently, syncing regularly to ensure quality and alignment across the following areas:
- Threat Detection & SIEM Ownership: Own the configuration, tuning, and management of our SIEM solution. You will diagnose unusual threats through sophisticated analysis and develop the alerts needed to respond to security incidents across multiple layers.
- Security Analysis & Reviews: Perform architecture reviews, code reviews, and infrastructure configuration reviews. You will conduct light penetration testing on web and mobile apps, identifying root causes of vulnerabilities and resolving them using creative problem-solving.
- Vulnerability Management: Maintain and optimize a vulnerability management CI/CD pipeline within our container/application delivery infrastructure. You will adapt proven methods to align security goals with business objectives, even when guidance is light.
- Cross-Functional Collaboration: Partner with development and infrastructure teams to enforce secure coding practices and remediation strategies. You will adapt your messaging across teams to reduce misalignment and move security work forward.
- Implementation & Tooling: Build and maintain the frameworks and tooling for enterprise security, ensuring that security guidelines are clear and actionable for the broader engineering organization.
- Incident Response: Play a key role in incident response and forensic investigations. You will weigh context and data thoughtfully to make smart decisions during high-pressure situations.
- Security Advocacy: Stay current on the latest threats and provide direct, clear guidance to development teams. You will help develop security training to empower your peers and improve the team’s overall security posture.
What You’ll Bring to Engine
We’re looking for a specialist who is ready to take ownership of team outcomes and deliver high-quality work
- Technical Proficiency: Highly skilled in one or more programming languages (e.g., Ruby, Java, Python, C#, Node.js).
- SIEM & Monitoring: Expertise in managing SIEM solutions with a focus on comprehensive, efficient alerting that reduces "noise."
- Cloud & Containers: Strong knowledge of Docker and Kubernetes, with hands-on experience in automated container vulnerability management.
- Security Testing: Mastery of SAST, DAST, and IAST tools, with the ability to perform manual validation testing to confirm findings.
- Security Principles: Deep knowledge of the OWASP Top 10, Mitre Top 25, and secure coding practices.
- Analytical Problem Solving: Ability to assess complex, ambiguous situations to identify root causes and provide thoughtful input on difficult security topics.
- Communication: A track record of earning credibility with peers through clear, direct communication and a passion for mentoring others.
- Compliance & Frameworks: Experience working with cloud security concepts and compliance frameworks such as SOC 2 and PCI.
Applications for this role will be accepted through July 20th, 2026 until the role is filled. We encourage you to apply early, as we may begin reviewing applications before the deadline.
Compensation
Our compensation packages are based on several factors, including your experience, expertise, and location. In addition to a competitive base salary, total compensation may include equity and/or variable pay (OTE). Your recruiter will share your complete compensation package as you move through the process.
Base Pay Range$115,600—$160,000 USD
