Base Salary
$114k - $206k/yr
Responsibilities
- Conduct a full AWS security posture assessment and deliver a prioritized remediation roadmap.
- Activate and tune AWS Security tools across all accounts and regions.
- Enforce least-privilege IAM and audit existing roles.
- Enable AWS Config Rules and automated remediation for common misconfigurations.
- Design and implement a secrets management strategy.
- Establish a vulnerability management program for cloud workloads.
- Own cloud infrastructure incident response and conduct post-incident reviews.
- Implement DLP policies for data classification and sharing controls.
- Manage and mature the Zero Trust / VPN solution.
- Own SIEM selection and deployment, configuring alerting and on-call.
- Implement phishing-resistant MFA for privileged accounts.
- Conduct annual security awareness training and quarterly phishing simulations.
- Maintain security policies and own SOC 2 Type II continuous compliance.
- Partner with Engineering to implement security controls in the SDLC.
- Own the vendor security review process and maintain a risk register.
- Build and own the Incident Response Plan.
Requirements
- 5–8 years of security engineering experience with a strong AWS focus.
- Hands-on experience with AWS security services like GuardDuty and IAM.
- Demonstrated SOC 2 or ISO 27001 readiness experience.
- Proficiency in at least one SIEM platform such as Splunk or Elastic.
- Scripting/automation ability in Python or Bash.
- Google Workspace security and administration experience.
- Strong written communication skills for security policies and reports.
Benefits
- Comprehensive medical, dental and vision plans for employees and their families.
- 401K plan.
- Maternity and paternity leave.
- Flexible Time Off for exempt employees and paid time off for non-exempt employees.
- Flexible work environment.
- Orca pass for those in Puget Sound.
- Free parking at the Seattle office.
- Free snacks, drinks, and espresso at the Seattle office.
