Staff Security Engineer architecting the security program at Pivotal Health. Lead the design and implementation of secure systems and compliance readiness.
Responsibilities
Define and evolve Pivotal’s security architecture: Help shape the long-term security architecture of the platform, establishing patterns and guardrails that ensure infrastructure, networking, and services remain secure as the system scales.
Build security directly into the platform: Design and implement automated controls, policies, and tooling that embed security into our infrastructure and engineering workflows rather than relying on manual review processes.
Own infrastructure security and automation: Expand and strengthen Infrastructure as Code practices using Terraform to ensure infrastructure is provisioned securely, consistently, and auditably across environments. Where necessary, deploy and integrate security tooling that strengthens our detection, prevention, and response capabilities across the platform.
Lead cloud and network security design: Design secure networking architectures including VPC configuration, private networking, firewall policies, and edge protections that safeguard internal systems and customer data. Over time, help extend security practices to any hybrid or on-premise infrastructure environments as the platform evolves.
Secure development workflows and CI/CD systems: Establish best practices for secure build pipelines, dependency management, artifact integrity, and secure software delivery.
Drive compliance readiness and regulatory maturity: Lead security initiatives required for frameworks such as SOC 2 and HIPAA, including control design, remediation work, audit preparation, and long-term security improvements.
Translate compliance frameworks (SOC 2, NIST, HIPAA) into actionable engineering tasks and automated controls that integrate smoothly with developer workflows.
Act as a primary technical point of contact during audits and security reviews, confidently representing Pivotal’s security posture to auditors, partners, or customers when needed.
Improve monitoring, detection, and operational visibility: Design systems that surface meaningful security signals across infrastructure and services, helping teams detect issues earlier and respond effectively.
Reduce security toil through automation: Identify manual or repetitive security work and replace it with automated systems, tooling, and infrastructure improvements.
Partner with engineering teams across the company: Operate as a technical partner to engineering teams, helping them design secure systems while preserving speed and developer experience. Serve as a “security champion” within the organization — collaborating with engineering and IT teams to identify vulnerabilities and work together on practical remediation solutions.
Raise the bar for security engineering at Pivotal: Set technical direction, establish security standards, and mentor engineers as we continue to mature our platform and security posture. Develop guidelines and protocols for the responsible and secure use of emerging technologies, including AI and LLMs, within both our product and internal workflows.
Requirements
8+ years of experience building and securing cloud infrastructure, platform systems, or developer tooling
Strong experience designing and operating secure cloud-native systems (AWS or GCP; GCP preferred)
Deep hands-on experience with Infrastructure as Code, particularly Terraform
Strong understanding of cloud networking and secure architecture (VPCs, private networking, routing, firewall policies)
Experience securing CI/CD pipelines and modern software delivery systems
Experience implementing secrets management and security controls across cloud environments
Experience contributing to or leading security and compliance audits (SOC 2, HIPAA, ISO, NIST, or similar)
Strong engineering fundamentals with the ability to explain security architecture and tradeoffs clearly to technical teams
Strong computer science or software engineering foundation with the ability to communicate effectively "engineer-to-engineer."
Familiarity with common security frameworks and principles such as the OWASP Top 10, OSI model, and modern cloud security practices.
Experience participating in or supporting penetration testing, offensive security exercises, or vulnerability remediation efforts.
You prefer pragmatic, custom-fit solutions over "buying your way out" of a problem with expensive, bloated enterprise tools.
You are comfortable operating in a fast-moving environment where you may be both defining the strategy and executing hands-on technical work.
Benefits
Competitive compensation, including equity
Full health, dental, and vision coverage
Retirement savings plan through 401(k)
Flexible time off
Opportunities for company-wide connection and events