Senior Infrastructure Security Engineer

United States

Remote

Senior

Full Time

10 days ago

infrastructure securitycloud securitydetection and responseincident responseSIEMSOARmacOS securityInfrastructure as CodeblockchainWeb3

Requirements

•5+ years of hands-on infrastructure or detection-and-response security experience
•Production experience securing a cloud-based identity and collaboration platform at scale beyond default settings
•Hands-on experience with a modern SIEM and SOAR including writing detections, onboarding log sources, building response playbooks, and tuning to reduce false positives
•Strong cloud security background including IAM, network controls, workload identity, and organization-level guardrails
•Practical experience securing a macOS-dominant endpoint fleet including MDM, endpoint hardening baselines, and EDR
•Familiarity with Infrastructure as Code, secrets management, and security automation
•Real incident response experience including being on-call for security and leading investigations to conclusion
•Clear, constructive technical communication across engineering and non-engineering stakeholders

•Own the security configuration of identity and collaboration stack including identity and access policies, third-party app governance, DLP, context-aware access, and admin audit
•Drive least-privilege and phishing-resistant MFA across the organization
•Build, tune, and maintain detections for detection and response
•Design response playbooks for high-signal alerts
•Onboard new log sources and own the detection-as-code pipeline
•Reduce mean-time-to-detect and mean-time-to-respond on real incidents
•Harden cloud footprint, Kubernetes clusters, and CI/CD pipelines
•Review Infrastructure as Code for security regressions and embed guardrails
•Partner with DevOps on secrets management and supply-chain controls
•Own the security posture of the endpoint estate including MDM configuration, baseline hardening, EDR tuning, and endpoint telemetry
•Lead and participate in security incident investigations end-to-end including containment, forensics, root cause, remediation, and post-mortem
•Improve runbooks and detections after every incident
•Run threat models and architecture reviews for new internal systems and infrastructure changes
•Translate findings into concrete, prioritized work
•Work alongside Protocol Security, DevOps, IT Ops, and Product Engineering
•Raise risks constructively, write clearly, and influence without owning every system

•Blockchain / Web3 exposure including familiarity with security considerations of decentralized infrastructure, validator/sequencer operations, key management for on-chain systems, or hot/cold wallet operations
•Bonus for Ethereum, Solidity, or ZK-related background
•Compliance framework experience with SOC 2 and ISO 27001 including building or maintaining controls, evidence collection, control design, working with auditors, and mapping technical safeguards to control criteria
•Comfort translating compliance requirements into real engineering work without letting compliance dictate engineering
•Kubernetes security including admission control, runtime detection, supply chain
•Detection engineering as code including Git-based rule management, CI for detections, purple-team validation
•Experience in lean security teams owning a domain end-to-end rather than a narrow slice