The simple, free, and secure telemedicine solution.®
Security Engineer, Detection & Response
Location
United Kingdom
Posted
84 days ago
Salary
0
Seniority
Senior
Job Description
Security Engineer, Detection & Response
doxy.me - telemedicine for all
• Own the detection lifecycle end-to-end: research threats, write rules as code, deploy via CI/CD, tune for precision, and maintain over time
• Build and maintain telemetry pipelines that give visibility into application, infrastructure, and identity activity
• Correlate signals across multiple data sources to improve detection accuracy and reduce false positives
• Investigate and respond to security events, including containment, remediation, and post-incident analysis
• Build automated response workflows that integrate with our cloud infrastructure and identity systems
• Partner with product and engineering teams on threat modeling to identify detection opportunities early in the design process
• Contribute to security monitoring standards, response procedures, and operational playbooks
Job Requirements
- Experience writing and shipping detection rules using a detection-as-code approach
- Strong programming skills in Python and/or TypeScript; comfortable with SQL for querying security data
- Experience with AWS and cloud-native infrastructure
- Familiarity with observability and monitoring platforms like Datadog
- Understanding of attacker techniques and frameworks like MITRE ATT&CK
- Experience with CI/CD pipelines and software engineering workflows
- Comfort with threat modeling and application security concepts
- Nice to have: Experience with incident response and forensic investigation
- Familiarity with identity and access management systems
Benefits
- A fun, flexible work environment (work from home or on location at one of our regional hubs)
- Competitive salary
- Paid trainings and certifications
- Advancement opportunities in a growing company
- Medical, Vision, and Dental insurance
- 401k match
- Unlimited PTO
More Security Engineer Jobs
Senior Security Engineer
Jobgether
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Role Description
This role offers a critical opportunity to safeguard and optimize cloud-based systems in a highly regulated environment. As a Senior Security Engineer, you will lead security operations, ensuring infrastructure, deployments, and access controls meet rigorous compliance standards. You will design and implement automated workflows, manage CI/CD pipelines, respond to security incidents, and maintain audit-ready documentation. This position is ideal for professionals who combine deep cloud security expertise with operational discipline and a passion for efficiency through automation. You will collaborate across engineering, product, and compliance teams to embed security best practices while supporting mission-critical systems at scale. The role provides exposure to federal or regulated environments and a chance to shape security operations with cutting-edge tools and processes.
- Maintain, improve, and secure CI/CD pipelines to support reliable deployments and operational workflows.
- Manage infrastructure-as-code (IaC) changes, including reviews, approvals, and security assessments.
- Conduct security impact analyses for system and application changes, providing actionable recommendations.
- Oversee patch management, hardened images, and secure baseline operations for regulated cloud environments.
- Govern identity and access management, ensuring proper account provisioning, RBAC maintenance, and regular audits.
- Monitor, tune, and manage logging and SIEM pipelines for accurate security alerting and incident response.
- Lead incident response activities from investigation through containment, recovery, and post-mortem reporting.
- Maintain comprehensive SOPs, runbooks, and documentation to ensure consistent operations and compliance readiness.
- Collaborate with engineering, DevOps, and compliance teams to integrate security practices into development and operations workflows.
Qualifications
- 5+ years of experience in security engineering or infrastructure operations within federal or regulated cloud environments.
- Deep familiarity with NIST 800-53 controls and continuous monitoring practices.
- Proven expertise in AWS/SaaS security, CI/CD pipelines, infrastructure automation, and IaC security practices.
- Hands-on experience with patch management, secure baselines, hardened images, and access management.
- Ability to manage SIEM pipelines and lead Tier 1/Tier 2 incident response efforts.
- Strong technical documentation, collaboration, and incident/project management skills.
- Nice to have: experience integrating security automation into CI/CD and SecOps workflows, federal audit support experience, and knowledge of SaaS security operations at scale.
Benefits
- Competitive base salary range of $170,000–$200,000 USD.
- Eligible for performance-based bonus and restricted stock units (RSUs).
- Health, dental, and vision coverage.
- Opportunities to work in cutting-edge cloud security environments.
- Professional growth in a fast-paced, compliance-driven, and collaborative setting.
- Flexible work arrangements and remote work options.
Senior Cloud Security Engineer
Sift Healthcare
Sift transforms healthcare payments through advanced data science.
• Cloud Security Engineering: Design, develop, and implement cloud-based infrastructure and programs, including identity and access management, configuration management, and security monitoring.
• Cloud Security Architecture: Design and implement secure cloud architectures.
• Security Operations: Lead the secure operations of cloud infrastructure, platforms, and software, including installation, maintenance, and improvement of cloud computing environments.
• Threat Modeling and Risk Assessment: Analyze and identify potential security threats, assess risks, and develop mitigation strategies to ensure the security and integrity of cloud-based systems.
• Compliance and Governance: Ensure compliance with regulatory requirements (e.g., HIPAA, Fed/StateRAMP, GDPR) and organizational policies, and develop and maintain cloud security governance frameworks.
• Collaboration and Communication: Partner with architects, engineers, and data scientists to develop and implement AI/ML and cloud security strategies.
• Continuous Improvement: Identify areas for improvement to enhance visibility, detective capabilities, and risk reduction.
Senior Security Engineer
SpyCloud
The leader in operationalizing Cybercrime Analytics to prevent ATO, ransomware, and online fraud.
SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud’s solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you’re driven to align your career with a fantastic mission, look no further!
Overview of Job/Team:
We are seeking an experienced Security Engineer to join our internal security team who thrives in a fast-paced environment. You have a passion for innovation, solid design principles, and high-quality development. You bring strong infrastructure and detection engineering fundamentals, a security-first mindset, and a deep understanding of cloud and networking concepts.
What You'll Do:
- Infrastructure Design and Maintenance:
  - Design, improve, and maintain secure, durable, and performant infrastructure to power applications, security tooling, log collection, and data mining/ETL workflows.
  - Evolve log collection, processing, and storage infrastructure enabling security monitoring and investigations.
  - Support multi-account and multi-region AWS networking architectures with security-first principles.
- Detection Engineering and Automation:
  - Develop and maintain Splunk detection content aligned to the relevant frameworks and evolving threat intelligence.
  - Administer the Splunk Cloud platform, including search health, log health, and app, platform, and content updates.
  - Design and implement SOAR playbooks to automate investigation and response workflows.
  - Integrate infrastructure security tooling and automation to enhance detection, prevention, and response capabilities.
  - Build and maintain detection-as-code and automated deployment pipelines to ensure consistency, repeatability, and auditability.
  - Continuously refine detection logic to reduce false positives and increase signal quality.
- Security and Compliance:
  - Implement and operate security technologies across the enterprise, such as an endpoint security platform.
  - Support incident response and investigation escalations.
  - Proactively meet standards for information security and compliance, such as SOC 2/ISO 27001.
  - Implement and uphold security measures across all infrastructure components.
  - Work cross-functionally with Product, IT, DevOps, and Engineering teams to drive secure-by-default practices.
- Technical Leadership:
  - Drive architectural and design decisions for SpyCloud’s detection program and platforms.
  - Mentor junior engineers and establish best practices across infrastructure and detection engineering domains.
Requirements:
- Professional Experience:
  - At least 5 years of professional experience in a DevOps, Security Engineering, or Detection Engineering role maintaining relevant production infrastructure.
- Technical Proficiency:
  - Strong working knowledge of AWS services such as EC2, ECS or EKS, Lambda, ELBs, Transit Gateway, VPC, CloudWatch, S3, Code/Build/Pipeline/Deploy, etc.
  - Strong working knowledge of Terraform or similar tools, AWS CLI/SDK, Boto.
  - Extensive experience with SIEM content engineering, data transformation, and log onboarding.
  - Proficiency with scripting languages such as Python, Bash, etc.
  - Proficiency integrating systems via API and their respective authentication mechanisms.
  - Strong understanding of networking fundamentals and troubleshooting techniques for bare metal and containerized workloads.
  - Experience with best practice build pipelines, including Git/GitHub.
Nice to Have:
- Experience with EDR tools, such as CrowdStrike Falcon and SentinelOne.
- Experience with SOAR playbook building and automation, such as Tracecat and Chronicle SecOps.
- Experience with Cribl Stream.
- Familiarity with Cloud Security Posture Management, such as CrowdStrike and Wiz.
Benefits + Perks:
At SpyCloud, we are committed to working alongside individuals who are equally passionate about preventing cybercrime, regardless of their department or role. Guided by our core values in all business decisions, we prioritize unity in our mission and ensure all SpyCloud employees have the support and benefits they need to stay focused on our goals. In addition to our engaging workspace in South Austin, flexible and remote-friendly work options, and competitive salary package, we offer our employees a comprehensive benefits package that includes:
- 401(k)
- Health, Vision, and Dental Insurance
- Generous PTO Plan
- In-office meals provided
SpyCloud is not sponsoring visas at this time.
U.S.-Based Benefits + Perks (for Full Time Employees):
- 401(k) with Employer Contribution
- Health, Vision, and Dental Insurance
- Health Savings Account (HSA) available with Employer Contribution
- Employer Paid Life, Short-term, and Long-term Disability Insurance
- Generous PTO Plan and 16 paid holidays per year
U.K.-Based Benefits + Perks (for Full Time Employees):
- Retirement Savings Plan with Employer Contribution
- Employer Provided Private Health Insurance and Healthcare Cashplan
- Employer Paid Life Insurance and Income Replacement
- Generous Holiday Plan and 14 paid holidays per year
About SpyCloud:
SpyCloud transforms recaptured darknet data to disrupt cybercrime.
Its automated identity threat protection solutions leverage advanced analytics and AI to proactively prevent ransomware and account takeover, detect insider threats, safeguard employee and consumer identities, and accelerate cybercrime investigations. SpyCloud's data from breaches, malware-infected devices, and successful phishes also powers many popular dark web monitoring and identity theft protection offerings. Customers include seven of the Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies worldwide. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from the stolen identity data criminals are using to target them now. To learn more and see insights on your company’s exposed data, visit spycloud.com.
Our Mission:
Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals’ ability to profit from stolen information.
Who We Are:
SpyCloud is a place for innovative, collaborative problem-solvers to thrive. Individually, we’re amazing, but together, we’re unstoppable. We celebrate diversity and various perspectives and aim to create an inclusive and supportive environment for all. We are proud to be an Equal Employment Opportunity and Affirmative Action employer of choice. All aspects of employment decisions will be based on merit, performance, and business needs. We do not discriminate on the basis of any status protected under federal, state, or local law.
All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. Women, minorities, individuals with disabilities, and protected veterans are encouraged to apply. SpyCloud complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. SpyCloud expressly prohibits any form of workplace harassment. Improper interference with the ability of SpyCloud's employees to perform their job duties may result in discipline up to and including discharge. SpyCloud shares the right to work and participates in the E-Verify program in all locations. If you need assistance or accommodation due to a disability, you may contact us.
Our Culture:
Our culture is something really special. We’re all driven to disrupt the cybercriminal economy as we keep customer accounts safe from compromise. We support a truly worthy and serious mission, but we have fun doing it together. If you are driven, inventive, and collaborative, you’ll fit right in.
SpyCloud’s Recruitment Policy:
We will never ask an applicant for sensitive or personal financial information during the recruitment process. We advise all applicants seeking employment with SpyCloud to review available information on recruitment fraud. Anyone who suspects that they have been contacted by someone falsely representing SpyCloud should email careers@spycloud.com.
Compensation Transparency Policy:
At SpyCloud, we believe in transparency and fairness in compensation. We strive to ensure that all employees are fairly compensated for their contributions, and we openly discuss our compensation philosophy and structure. We are committed to providing competitive salaries and benefits packages to attract and retain top talent, and we encourage open dialogue and feedback regarding compensation matters.
Learn more and apply: SpyCloud Careers
For applicants residing in California, please click here to read SpyCloud's CCPA Notice.
• You will take on both the technical and disciplinary leadership of our pentesting team, and develop them further through trust, coaching, and your professional expertise according to their individual technical strengths.
• With passion, commitment, and a strong customer focus, you will drive commercial success.
• You will manage existing and prospective customer relationships, expand them, and ensure high customer satisfaction in your projects.
• Based on market analyses and current security trends, you will continuously develop our service and portfolio offerings.
• You will analyze customer and market requirements, prepare proposals, and conduct negotiations through to successful contract conclusion.
• You will plan, coordinate, and delegate penetration tests of, among others, IT infrastructures, web applications, industrial control systems (ICS), mobile devices and applications, as well as source code analyses to your team.