• The GoodLeap security team is responsible for both business enablement and safeguarding the organization’s information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap’s customers, partners, and employees information. • The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap systems, services, and operational processes. • In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap to design, build, implement, and operate security and fraud monitoring, detection, and response capabilities.

• Operate and continuously improve security controls across hybrid and on-prem platforms (compute, virtualization, OS, network services) • Administer and tune security tooling including SIEM , EDR , and CSPM ; drive alert quality improvements and reduce noise • Implement and enforce secure configuration baselines (CIS or equivalent), hardening standards, and patching/upgrade coordination • Manage security logging strategy: log onboarding, parsing, normalization, correlation rules, dashboards, and alerting use-cases • Perform vulnerability scanning, exposure management, and remediation tracking with clear SLAs and risk-based prioritization • Support incident response activities (triage, containment support, evidence collection, escalation) and post-incident improvements • Strengthen identity and access controls for platform administration (least privilege, privileged access patterns, access reviews) • Maintain security runbooks, SOPs, and operational documentation; contribute to audit evidence preparation for ISO 27001/SOC 2, etc. • Collaborate with infrastructure and operations teams to embed security into day-to-day BAU, including change management and release windows

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description This is a hands-on operational role where you'll work directly with customers to deploy and manage their security protections. You'll be the bridge between our platform capabilities and customer needs, ensuring organizations ranging from nonprofits to multinational enterprises maintain strong security postures. - Deploy and manage security protections for New Harbor customers - Respond to vendor security questionnaires using AI-assisted tools and our policy library - Provide customer support via Slack and email, troubleshooting security configuration issues - Onboard new customers and guide them through security protection rollout - Document processes for security operations and customer management Qualifications - Currently pursuing undergraduate or graduate degree in Cybersecurity, Information Systems, Computer Science, or related field - Enjoys working directly with customers and building relationships - Self-starter who can manage multiple customer relationships with limited direction - Strong written and verbal communication skills with ability to explain security concepts clearly - Interest in cybersecurity, compliance, and helping organizations improve their security posture - Comfortable working with ambiguity and learning new security concepts quickly - Detail-oriented with strong organizational skills Requirements - Familiarity with information security frameworks (CIS, NIST, SOC 2) - Experience with compliance or audit processes - Coursework in cybersecurity Benefits - Direct customer impact from day one - Mentorship from experienced security professionals - Ownership of customer relationships - Opportunity to make security simple and accessible for organizations of all sizes

• Monitor, investigate, triage, and respond to security alerts generated from SIEM, EDR, firewalls, email security, cloud platforms, and other security tools. • Perform advanced network analysis, including packet capture review, flow analysis, and traffic anomaly detection. • Conduct log analysis across diverse systems (cloud, endpoint, network, identity, and applications). • Assist with EDR investigations and response actions using tools such as SentinelOne (preferred). • Analyze threats, malware behavior, and attack patterns to determine risk and recommend or implement remediation steps. • Collaborate with internal teams to improve detection rules, alerting logic, and data enrichment within Google Chronicle or other SIEM technologies. • Develop, maintain, and optimize SOC playbooks, runbooks, and escalation procedures. • Assist with SOC process improvements, automation opportunities, and overall operational efficiency. • Participate in On-Call rotation