Job Specifications
Remote Security Engineer
Full-Time | Remote | NO C2C
Summary
Our client is a well-funded, high-growth technology company powering a secure digital vault used by consumers and large enterprise partners to protect sensitive personal, legal, financial, and identity data. With major enterprise integrations and a rapidly expanding customer base, security is foundational to everything they build.
They are hiring their first dedicated Security Engineer to own and evolve application security, cloud security, and compliance in a highly technical, product-driven environment.
This is a hands-on, builder role for someone who enjoys working close to engineers, embedding security into how software is built, and leveraging modern tooling and automation (including AI-assisted workflows) to keep pace with fast-moving development teams.
Key Responsibilities
Application & Product Security
Partner directly with engineering to embed security into the SDLC
Design and implement automated security gates within CI/CD pipelines
Perform secure code reviews and guide developers on remediation
Strengthen API security and identify complex, logic-based vulnerabilities
Implement and tune SAST, SCA, and custom security checks beyond out-of-the-box scanners
Leverage AI-assisted tools (Copilot, Claude, agentic AI, or similar) to automate code analysis and security reviews
Cloud & Infrastructure Security
Own cloud security posture in AWS
Expand and operationalize CSPM using Wiz (or similar)
Implement and maintain AWS security services (WAF, GuardDuty, Shield, KMS, CloudTrail, IAM)
Establish cloud guardrails and baseline configurations
Secure AWS storage services and encryption layers
Security Operations
Monitor and triage alerts from cloud and security tooling
Build automation to improve signal-to-noise and reduce alert fatigue
Explore AI-driven approaches for log analysis, threat detection, and triage
Support incident response and coordinate with third-party monitoring providers
Identity & Enterprise Security
Help secure employee identities and SaaS access
Work with Microsoft Entra ID and Auth0 to strengthen IAM practices
Governance, Risk & Compliance
Own day-to-day SOC 2 operations in an already certified environment
Manage controls and evidence using Drata
Support audits and work directly with auditors
Perform vendor security assessments
Maintain security documentation and policies
Qualifications
Required
5+ years in Security Engineering, Application Security, Cloud Security, or similar
Strong hands-on AWS security experience
Experience building or integrating security into CI/CD pipelines
Application security background (secure coding, SAST, SCA, OWASP Top 10)
Experience with CSPM tools (Wiz, Prisma Cloud, Orca, Lacework, etc.)
IAM experience (Auth0, Microsoft Entra ID, Okta, or similar)
Exposure to SOC 2 and compliance operations
Comfortable reading code and understanding how vulnerabilities manifest
Strong communication skills and collaborative mindset
Preferred
Experience using AI-assisted or agentic tools for security workflows
AWS Security or Solutions Architect certification
Container and microservices security experience
DevSecOps background
Experience securing APIs at scale
About the Company
Please note: Our official domain is @globalsourceit.com. Any communication from @jobs-globalsourceit.com or @job-globalsourceit.com is not from our organization and should be treated as suspect.
Compass Statement:
To amplify project success. We close the gap between the business and technology by leveraging our ecosystem of enterprise professionals. Collaboration, building true community, and meticulous delivery are the pillars by which we drive value.
GlobalSource IT has been delivering ERP, CRM and BI consultants since...
Know more