Senior Security Engineer

Job Description
The Senior Security Engineer is a high-impact role focused on supporting and automating MX's security operations, with an emphasis on remediation activities, alert response, and maintaining security hygiene across cloud and on-premises environments. This is not just a 'response' role; you will implement scalable solutions that eliminate classes of vulnerabilities, automate remediation, and empower our engineering teams to move fast without compromising security.

This position combines technical expertise with cross-team collaboration, promoting secure practices within engineering and operations teams.
Reporting to the Director of Security Architecture and Engineering, and working alongside security architects and engineers, the Senior Security Engineer assists in the implementation and maintenance of security controls. They provide hands-on support for remediation efforts, review infrastructure changes, and contribute to streamlining security processes. This role collaborates with Cloud Engineering, Dev Ops, Platform, Application Development, and Security Operations teams to apply secure-by-design principles while ensuring compliance with risk and regulatory requirements.

Responsibilities
Vulnerability Management and Remediation
Drive and improve the vulnerability remediation lifecycle efforts by identifying, prioritizing, and coordinating fixes for software vulnerabilities across systems and applications.
Collaborate with development and operations teams to implement patches, updates, and mitigations in a timely manner.
Develop the tooling and CI/CD integrations that provide developers with real-time feedback and automated remediation paths.
Cloud Posture and Configuration Remediation
Monitor and remediate cloud misconfigurations in AWS (primary) and GCP (secondary), using tools like Crowd Strike Falcon Complete CSPM/CNAPP or equivalents for posture management and drift detection.
Enforce governance standards through automated checks, templates, and least-privilege controls.
Secrets Management Remediation
Identify and remediate exposed secrets, ensuring they are not stored in version control systems or publicly accessible locations.
Promote the use of secure secrets management tools and practices, such as integrating with vaults and rotation policies.
Security Alert Response
Respond to security alerts from tools including Web Application Firewalls (WAF), firewalls, Endpoint Detection and Response (EDR), and Secure Access Service Edge (SASE).
Act as a Detection Engineer by analyzing alert patterns to build high-fidelity automated responses. Focus on reducing 'toil' by engineering out false positives and building orchestration (SOAR) workflows that handle routine incidents without human intervention.
Process Streamlining and Automation
Identify opportunities to improve security operations by enhancing documentation for remediation and response processes.
Collaborate with detection and response engineering SMEs to develop automated workflows and orchestrate responses, reducing manual effort over time.
Infrastructure as Code (IaC) Reviews
Review IaC merge requests (primarily Terraform) for adherence to security best practices, including the principle of least privilege.
Provide feedback and recommendations to ensure secure configurations in infrastructure deployments.
Identity and Access Management Support
Own the evolution of our Identity-first security strategy. You will design and implement Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access patterns, ensuring that identity is a seamless, automated part of the developer workflow.
Promote zero standing privilege models to eliminate long-term access where possible.
Security Hygiene Oversight
Monitor and ensure ongoing security hygiene across key areas: vulnerabilities, cloud configurations, EDR coverage, Kubernetes security (e.g., pod policies, network segmentation), and container scanning.
Verify that security tooling (e.g., scanning, monitoring, and detection systems) is functioning optimally, troubleshooting issues and recommending improvements.
Compliance and Governance Support
Assist in building and automating controls for SOC 2, PCI DSS, and internal standards; support evidence collection for audits.
Participate in assessments to identify control gaps and collaborate on remediation plans.
Contribute to metrics and reporting on security posture.
Evangelism, Mentorship & Cross-Team Enablement
Support the promotion of security best practices through participation in workshops, office hours, and pairing sessions with teams.
Mentor junior engineers on secure implementation patterns and provide hands-on guidance.
Help maintain documentation such as runbooks, guides, code samples, and checklists.
Act as a technical resource for security implementation questions and support.
Qualifications
5+ years of hands-on experience in security engineering, Dev Ops/SRE, or security operations with demonstrated impact in remediation and response.
Proficiency in at least one programming…