Senior Security Engineer developing and implementing security controls for cloud-based SaaS applications. Leading compliance efforts for Federal customers while collaborating with engineering and DevOps teams.
Responsibilities
Lead the development, documentation, and implementation of security controls aligned with NIST 800-171 and NIST 800-53 frameworks
Own and maintain compliance artifacts including System Security Plans (SSP), Plans of Action and Milestones (POA&M), and supporting documentation
Drive Assessment and Authorization (ATO) efforts, including preparation of authorization packages and coordination with assessors
Collaborate with engineering and DevOps teams to integrate security controls into cloud infrastructure, CI/CD pipelines, and application architectures
Conduct risk assessments, maintain risk registers, and lead remediation efforts for identified security gaps
Develop and enforce security policies, procedures, and standards aligned with Federal and customer requirements
Evaluate and document security controls across AWS environments, containerized systems, and operational processes
Support SOC 2 Type 2 readiness, including audit preparation, evidence collection, and control validation
Monitor changes in regulatory requirements and proactively update security controls and documentation
Contribute to incident response planning, documentation, and post-incident analysis
Requirements
5+ years of experience in security engineering, compliance, or information assurance roles
Deep expertise in NIST 800-171 and NIST 800-53 security frameworks
Proven experience developing and maintaining SSPs, POA&Ms, and audit-ready compliance documentation
Hands-on experience supporting ATO/ATT processes in Federal or defense environments
Strong experience with AWS cloud security, including IAM, VPC architecture, encryption, and logging
Experience implementing security controls in containerized environments (Docker, Kubernetes, ECS)
Solid understanding of identity and access management, secrets management, and network security principles
Excellent written communication skills with the ability to produce clear, thorough, and audit-ready documentation
Strong organizational skills and the ability to manage multiple concurrent compliance initiatives
Security Software Engineer at Pinterest developing IAM infrastructure and tools for identity and authorization. Collaborating on mission-critical features in a team-focused environment.
Senior Network and Security Information Analyst defining and implementing network and information security at Airbus. Managing security assets and compliance across the organization while documenting and reporting vulnerabilities.
Associate Consultant for Microsoft Security focused on supporting the delivery of security solutions. Collaborate with experienced consultants and learn in a remote-first environment with occasional onsite work.
Software Engineering Intern at Red Hat working on the security of software production pipelines. Contributing to projects involving AI tools and secure development practices in Brno, Czech Republic.
Technical support intern assisting clients and monitoring backup systems. Involves client interaction, system maintenance, and adherence to legal standards.
GRC Lead managing security compliance and risk governance in Egypt. Driving initiatives for ISO 27001 alignment and overseeing security audits and policies.
Cybersecurity Engineer responsible for safeguarding information systems and developing cyber security capabilities. Involves project management and collaboration through all phases of the software development lifecycle.
Health and Safety Coordinator managing safety programs and practices in Brazil's largest pet ecosystem, Petz. Ensuring compliance and leading safety initiatives across various facilities.
Senior Industrial Security Specialist at Boeing conducting program assessments and managing compliance. Overseeing audits and supporting internal investigations while protecting sensitive information.
Senior/Lead Product Cybersecurity Engineer at Boeing ensuring the security and resilience of digital airplane systems. Leading risk assessments, technical solutions, and stakeholder coordination.