Senior Security Engineer

5+ years of full time core, relevant InfoSec experience
Intimate familiarity with AWS cloud security, experience automating security processes in cloud environments
Proficiency in threat modeling, design reviews and security testing of various types of applications, technologies and platforms
Hands-on experience with CI/CD and DevOps tools
Ability to write automation scripts, ideally in more than one language
Experience in vulnerability/threat management activities at the infrastructure, platform, and application level
Experience with penetration tests/red team exercises, ideally the type that involve manual verification, exploitation, lateral movement, etc.
Expertise with event management/SIEM solutions, data modeling associated with building event detection and alerting capabilities
Able to come into our San Francisco, CA office once a week

Design, develop, and deploy security mechanisms to protect against adversarial attacks, data breaches, and other security vulnerabilities
Design and build robust threat detection, monitoring, investigation workflows response architectures and the components of the security analytics platform
Monitor and evaluate operational/security alerts
Conduct Threat Modeling, Design Reviews and Security Testing
Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns
Partner with the DevOps team to orchestrate/automate security controls in the Ethos infrastructure/platform
Lead the vulnerability management lifecycle at the infrastructure, platform, and application levels
Participate in investigations, threat hunting, and incident response activities; build playbooks for specific incident response scenarios
Assist with compliance activities, such as SOC2 control implementation and testing, vendor risk assessments, etc.

No preferred qualifications provided.