Remote Security Engineer

at Zaelab

Posted 8 hours ago 1 applied

Description:

  • As a Security Engineer, you will own end-to-end security across multiple enterprise and mid-market cloud projects.
  • Your initial mission is to embed automated controls and best practices into every AWS- and Azure-based delivery, shifting the organization from reactive fixes to a proactive security posture.
  • You will report directly to the Director of Engineering, Cloud, and partner daily with Technology, Cloud, Engineering, and Account-Management teams.
  • You will act as a client-facing security authority, able to brief both technical staff and C-level executives.
  • Your responsibilities include designing, implementing, and enforcing comprehensive Secure SDLC processes, integrating automated security controls, threat modeling, secure coding standards, and continuous security testing throughout the entire development lifecycle.
  • You will develop, document, and enforce security policies in our Confluence-based knowledge base and project DMS.
  • You will harden multi-account AWS and Azure estates, including EC2, S3, IAM, VPC, CloudTrail, CloudFront, Virtual Machines, Storage Accounts, Key Vault, NSG, Policy, and Monitor.
  • You will deploy and tune SIEM/log-management platforms such as Splunk, ELK, and Microsoft Sentinel, crafting queries and dashboards that surface actionable threats.
  • You will run scheduled and continuous vulnerability scans using tools like Qualys, Rapid7, and Defender, interpret results, and drive remediation with Engineering.
  • You will configure and manage security edge controls, including firewalls, WAFs (Akamai, AWS/Azure WAF), and IDS/IPS, tailored to each clientโ€™s risk profile.
  • You will integrate SCA (Trivy, Grype, Snyk) and DAST (OWASP ZAP) tooling into build pipelines and champion secure-by-design coding practices.
  • You will lead security architecture reviews and threat-model sessions with cross-functional, multi-country delivery teams.
  • You will present findings, roadmaps, and risk mitigation strategies directly to enterprise clients, translating technical issues into clear business impact.
  • You will continuously evaluate emerging threats, Zero-Trust patterns, and supply-chain risks, recommending tooling and process improvements that keep the organization ahead of third-party scans.

Requirements:

  • You must have 7+ years of hands-on security engineering experience in cloud-native, agile environments.
  • You should possess expert knowledge of core AWS and Azure services and how to secure them at scale.
  • Proven SIEM experience, including log ingestion, correlation rule creation, and dashboarding, is required.
  • A deep understanding of vulnerability management tools and remediation cycles is necessary.
  • You should have practical experience with WAF/IDS/IPS configuration, network protocols (TCP/IP, DNS, HTTP), and Zero-Trust/IAM best practices (AD, Azure AD, Okta).
  • You must be comfortable operating as a solo security function, setting the standards, choosing the tools (with budget approval), and driving adoption company-wide.
  • A consultative mindset with excellent written and verbal English skills is essential, as you will need to brief board-level stakeholders and guide client teams through complex security topics.
  • It is a plus if you have experience with container and Kubernetes hardening, DevSecOps pipeline design, CNAPP familiarity, compliance frameworks (SOC 2, ISO 27001, PCI DSS), and industry certifications (CISSP, AWS Security Specialty, Azure Security Engineer Associate, CKS).
  • Experience working with US clients is also a plus.

Benefits:

  • Competitive compensation depending on experience and skills is offered.
  • You will receive unlimited, paid time off and vacation.
  • There is a budget for certifications and IT conferences.
  • You will work with a friendly team around the world.
  • You will be a team player in an agile software development environment focused on collaboration and continuous integration.
  • Comprehensive health insurance and retirement benefits are provided, including Health Insurance and a 401(k) plan in the United States, and Health Insurance and an Employer-Sponsored Retirement Plan in Canada.