Security Engineer, Product Infrastructure

About The Position

Requirements

• 2+ years of experience in security operations, security engineering, or a closely related infrastructure or cloud role (for example SecOps analyst, junior security engineer, or cloud/DevOps engineer with strong security exposure).
• Hands-on experience with at least one security tool used in modern cloud or product environments (Wiz, Orca, CrowdStrike, SonarCloud, Upwind, or similar), and an interest in becoming the go-to person for issue resolution.
• Scripting experience in Python or Go (or similar) to automate repetitive tasks, integrate tools, or build small utilities that make the team more efficient.
• Prior participation in an on-call rotation for production systems or security incidents, even in a shadowing or secondary role.
• Experience working with tickets, incidents, or production issues, and following a structured process to investigate, document, and resolve or escalate them appropriately.
• Strong communication skills, with the ability to explain what you’re seeing and what you recommend as a next step to both technical and non-technical audiences.
• A learning mindset and growth orientation: you’re comfortable asking questions, seeking feedback, and taking ownership.

Nice To Haves

• Exposure to Infrastructure-as-Code (Terraform) and Kubernetes concepts — you don’t need to be an expert yet, but you should be comfortable learning how infrastructure and security controls are expressed as code.
• Experience contributing to a Vulnerability Management Program or similar process, such as helping track security findings, prepare reports, or coordinate remediation work with engineering teams.
• Familiarity with security frameworks (such as SOC 2 or NIST) or regulated environments, and how they influence security controls and documentation.
• Interest in or exposure to crypto infrastructure, and a desire to grow your skills at the intersection of security, blockchain, and AI.

Responsibilities

• Respond to security tickets and alerts: investigate issues, gather context from logs and dashboards, and collaborate with Security Engineering and product/platform teams on next steps.
• Partner with product, platform, and infrastructure teams to understand security findings, explain risk in clear terms, and support them in implementing secure configurations across AWS/GCP, Kubernetes clusters, and shared services.
• Utilize core security tools to protect critical product cloud infrastructure (for example Wiz, CrowdStrike, SonarCloud, Okta, and related platforms)
• Participate in an on-call rotation (with onboarding and shadowing) for security incidents and critical security tooling issues, providing structured triage, documentation, and communication until resolution or hand-off.
• Contribute to security reviews for new services and major infrastructure changes, helping identify misconfigurations and recommending practical mitigations that fit team workflows.
• Learn to read and make small, well-reviewed changes to Infrastructure-as-Code (Terraform) and Kubernetes configurations to help embed guardrails, hardening standards, and security checks into our infrastructure and CI/CD pipelines.
• Collaborate with partners across Security, IT, Platform Engineering, Legal, Risk, and Investigations, building strong working relationships and practicing clear, empathetic communication.