We are looking for a Security Engineer to join our team and strengthen our security monitoring, detection, and cloud security capabilities. In this role, you will work on detecting, correlating, and responding to security threats across endpoints, networks, and cloud environments. You'll work hands-on with IDS/IPS, EDR, vulnerability management, CSPM, and large-scale security data in Elasticsearch, while helping to secure AWS environments using Terraform and native AWS security services.
This position is ideal for someone who enjoys proactive threat detection, deep security analysis, and building secure, automated cloud environments.
What You'll Do
- Monitor, maintain, and improve IDS/IPS platforms for effective threat detection and response
- Manage and tune EDR solutions to enhance endpoint visibility and detection accuracy
- Correlate security events across IDS/IPS, EDR, logs, and cloud telemetry to identify complex attack patterns and reduce false positives
- Analyze and investigate security events using Elasticsearch, Kibana, and related tools
- Perform vulnerability management activities, including scanning, prioritization, reporting, and remediation coordination
- Implement and maintain CSPM controls and monitor cloud environments for misconfigurations and compliance gaps
- Use AWS native security services (Security Hub, GuardDuty, IAM, CloudTrail, CloudWatch, Config, KMS, Inspector) to improve cloud security posture
- Maintain security-related infrastructure and controls using Terraform
- Investigate security incidents, perform root-cause analysis, and support remediation and prevention efforts
- Collaborate with DevOps, IT, and Security teams to improve detection and automate security workflows
- Create and maintain documentation, playbooks, and security procedures
- Contribute to continuous improvement of security controls, monitoring, and alerting
What We're Looking For
- 8+ years of experience in the information security field or similar
- 5+ years of experience with multiple cloud environments, including (but not limited to) AWS
- Hands-on experience with EDR and IDS/IPS platforms
- Strong understanding of event correlation across multiple security tools
- Solid experience with Elasticsearch (queries, dashboards, alerting)
- Practical experience with CSPM and vulnerability management tools or methodologies
- Strong hands-on experience with AWS security services
- Experience using Terraform for infrastructure and security automation
- Good understanding of networking concepts
- Familiarity with SIEM/SOC workflows and incident response
- Strong analytical and problem-solving skills
Nice to Have
- Security automation using (Python, Bash, AWS Lambda)
- Container / Kubernetes security
- SOAR experience
- Azure security experience
- Security certifications:
- Certified Information Security Systems Professional (CISSP)
- AWS Certified Security Specialty (SCS-C02)
- Certified Information Systems Auditor (CISA)
