Information Security Engineer
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Information Security Engineer based in United States.
This role offers the opportunity to strengthen security across a high-scale technology environment serving thousands of businesses worldwide.
You will design, automate, and improve security controls that protect critical infrastructure, products, and customer data.
Working closely with engineering and product teams, you will embed security best practices throughout the development lifecycle.
You will contribute to threat detection, vulnerability management, incident response, and compliance initiatives.
The position combines hands-on technical execution with strategic thinking to improve overall security maturity.
You will join a collaborative, remote-friendly environment where security is treated as a driver of innovation and trust.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Information Security Engineer based in United States.
This role offers the opportunity to strengthen security across a high-scale technology environment serving thousands of businesses worldwide.
You will design, automate, and improve security controls that protect critical infrastructure, products, and customer data.
Working closely with engineering and product teams, you will embed security best practices throughout the development lifecycle.
You will contribute to threat detection, vulnerability management, incident response, and compliance initiatives.
The position combines hands-on technical execution with strategic thinking to improve overall security maturity.
You will join a collaborative, remote-friendly environment where security is treated as a driver of innovation and trust.
Accountabilities:
- Design, automate, and enhance security controls, detection mechanisms, and tooling to strengthen infrastructure and product security.
- Research and evaluate emerging security technologies, frameworks, and techniques to improve overall security capabilities.
- Implement and maintain security monitoring, remediation systems, and protection mechanisms for critical systems and data.
- Partner with engineering and product teams to integrate security practices into new features, systems, and development workflows.
- Conduct security risk assessments, threat modeling activities, and evaluations of internal systems, services, and third-party technologies.
- Support incident response activities, investigations, and post-incident reviews to identify improvements and prevent recurrence.
- Contribute to security standards, processes, documentation, and best practices across the organization.
- Support compliance initiatives related to frameworks such as SOC 2, ISO 27001, C5, and GDPR.
- Manage and improve vulnerability disclosure and bug bounty programs.
- Collaborate with security leadership to prioritize initiatives and deliver measurable improvements rather than simply responding to requests.
- 3–6 years of experience in Information Security engineering, infrastructure protection, security operations, or related technical fields.
- Strong experience with scripting or automation using Python, Bash, Go, or similar programming languages.
- Solid understanding of security principles in modern cloud environments such as AWS, GCP, or Azure, as well as traditional infrastructure environments.
- Hands-on experience operating and managing security technologies including SIEM, threat detection platforms, endpoint detection and response (EDR), SAST, SOAR, CTI, and vulnerability management tools.
- Experience with security platforms such as CrowdStrike, Obsidian, or similar enterprise security solutions.
- Strong knowledge of common cybersecurity threats, attack vectors, mitigation strategies, and defensive techniques.
- Understanding of computer systems, networking, and low-level protocols from a security perspective.
- Experience with incident detection, response, investigation, and vulnerability remediation.
- Ability to communicate security risks and technical concepts clearly to both technical and non-technical audiences.
- Strong collaboration skills with the ability to work with security leadership, engineers, and cross-functional teams.
- Professional proficiency in English.
- Experience scaling security programs within high-growth SaaS organizations.
- Cloud security certifications such as AWS Security Specialty or GCP Professional Security Engineer.
- Experience with secrets management platforms such as HashiCorp Vault.
- Background in privacy engineering, secure software design, or threat modeling.
- Experience contributing to security communities, open-source security tools, bug bounty programs, or Capture the Flag events.
- Competitive annual base salary range of $136,400 – $149,429 USD, depending on location, skills, experience, and qualifications.
- Flexible workplace model with remote and hybrid options depending on region.
- Opportunity to work in a global, remote-friendly environment with a strong focus on autonomy and collaboration.
- Health and wellness benefits designed to support employees and their families.
- Professional development opportunities and continuous learning support.
- Chance to make a measurable impact by improving the security of systems used by millions of end users.
- Collaborative culture built around trust, ownership, curiosity, and continuous improvement.
The Information Security Engineer will play a key role in designing and operating security solutions that protect systems, infrastructure, and customer information. This role requires strong technical ownership, cross-functional collaboration, and the ability to improve security practices across a fast-moving technology organization.
Requirements:
The ideal candidate combines hands-on security engineering experience with strong communication skills and the ability to work independently in a cloud-focused environment. You should be comfortable solving complex security challenges, advising technical teams, and building scalable security solutions.
Nice to have: