about 1 month ago
Base Salary
$190k - $240k/yr
Responsibilities
- Harden and improve the security of Sage's cloud infrastructure across AWS and GCP.
- Own vulnerability management end to end, including scanning and remediation coordination.
- Build and maintain incident response capabilities and post-incident analysis.
- Drive SOC 2 and HIPAA compliance programs, producing evidence and closing control gaps.
- Implement supply chain security controls and automate credential management.
- Embed security into CI/CD pipelines and the software development lifecycle.
- Conduct security reviews of architecture decisions and manage vendor security assessments.
- Establish key and credential rotation policies with clear ownership.
- Implement automated compliance scanning across cloud accounts.
- Validate that disaster recovery procedures maintain security controls.
Requirements
- 6+ years of experience in security engineering with a focus on cloud security.
- Hands-on experience with IAM design, VPC architecture, and infrastructure hardening.
- Experience building vulnerability management programs and managing compliance.
- Practical incident response experience with real security incidents.
- Experience securing containerized applications and CI/CD pipelines.
- Strong communication skills to explain risks to both technical and business stakeholders.
- Willingness to work in the office Tuesday through Thursday in NYC.
Benefits
- Competitive base compensation with stock options.
- Fully-paid health and dental insurance coverage.
- Take-as-you-need time-off policy, plus 7 paid holidays and a winter break.
- Office lunch and a fully stocked snack bar.
- Up to 2 remote workdays per week.
