Infrastructure Security Engineer responsible for integrating security into infrastructure workflows and automating security measures. Collaborating with SRE teams to maintain a secure infrastructure posture.
Responsibilities
Partner with SRE and infrastructure teams to integrate security into infrastructure workflows, deployment pipelines, and operational practices
Create and validate secure configuration templates for Terraform, CloudFormation, Ansible, and other infrastructure automation tools
Develop deployment templates that embed security controls by default for common infrastructure patterns (VPCs, security groups, IAM roles, compute instances)
Review and approve infrastructure code, providing security guidance and validation before production deployment
Conduct security assessments of infrastructure designs and deployment patterns in collaboration with SRE teams
Establish security guardrails that enable infrastructure teams to move quickly while maintaining security standards
Build automated audit systems to continuously validate infrastructure configurations against security baselines and compliance requirements
Develop detection automation for identifying security misconfigurations, policy violations, and anomalous infrastructure changes
Implement policy-as-code frameworks using Open Policy Agent (OPA), AWS Config Rules, Azure Policy, or Sentinel to enforce security standards
Create automated remediation workflows for common security violations and configuration drift
Build compliance validation automation to continuously assess infrastructure against CIS benchmarks, SOC 2, and other frameworks
Develop security metrics and dashboards providing visibility into infrastructure security posture and trends
Design and implement security architectures for hybrid and multi-cloud environments (AWS, Azure, GCP)
Develop network security architectures including network segmentation, zero trust principles, and micro-segmentation strategies
Build security baselines and hardening standards for servers, endpoints, containers, and cloud resources based on CIS benchmarks and industry best practices
Design secure landing zones and account structures for cloud environments with appropriate guardrails and security controls
Implement defense-in-depth strategies across network, host, application, and data layers
Conduct security architecture reviews for infrastructure changes, new deployments, and technology adoption
Implement and manage cloud security controls including security groups, NACLs, WAF, cloud firewalls, and encryption services
Configure cloud security posture management (CSPM) tools to continuously assess and remediate misconfigurations
Deploy and manage container security for Docker, Kubernetes, and container orchestration platforms
Implement infrastructure-as-code security scanning and policy enforcement for Terraform, CloudFormation, and other IaC tools
Secure cloud-native services including serverless functions, managed databases, object storage, and API gateways
Manage secrets and encryption keys using vaults, KMS, and secure key management practices
Develop and maintain security automation using Python, PowerShell, Bash, or Go for audit, detection, and remediation tasks
Create reusable IaC security modules and templates for Terraform, CloudFormation, or Pulumi that SRE teams can leverage
Implement IaC scanning and validation in CI/CD pipelines using tools like Checkov, Terrascan, tfsec, or custom validators
Build security policy as code using tools like Open Policy Agent (OPA), Sentinel, AWS Config Rules, or Azure Policy
Automate security testing of infrastructure deployments including configuration validation and compliance checks
Collaborate with SRE teams to integrate security automation into GitOps workflows and deployment pipelines
Support compliance initiatives for SOC 2, ISO 27001, PCI-DSS, HIPAA, or other frameworks
Conduct infrastructure security audits and assessments against security standards
Document security architectures and maintain system security plans (SSPs)
Develop runbooks and procedures for security operations and incident response
Generate compliance reports demonstrating security control effectiveness
Work embedded with SRE teams to understand infrastructure patterns, deployment workflows, and operational needs
Partner with infrastructure teams on architecture reviews, technology evaluations, and capacity planning with security considerations
Provide security guidance on infrastructure projects, deployment strategies, and architectural decisions in real time
Train SRE and infrastructure staff on secure configuration practices, security tooling, and threat awareness
Enable self-service security by creating documentation, runbooks, and templates that infrastructure teams can use independently
Collaborate with peer security teams on application security, identity management, and security operations to ensure holistic coverage
Requirements
5+ years of hands-on experience in infrastructure security, network security, or systems engineering with a security focus
3+ years working with cloud platforms (AWS, Azure, or GCP) with a focus on security architecture and implementation
Proven experience implementing security controls across hybrid environments (on-premises and cloud)
Strong background in network security including firewalls, segmentation, VPNs, and network monitoring
Experience with security hardening of Windows and Linux systems
Deep knowledge of AWS, Azure, or GCP security services, IAM, networking, and security architecture
Strong experience with Terraform, CloudFormation, Ansible, or similar tools including module/template development
Proficiency with Open Policy Agent (OPA), Sentinel, AWS Config Rules, Azure Policy, or similar frameworks
Strong skills in Python, PowerShell, Bash, or Go for building security automation and tooling
Expertise with firewalls (Palo Alto, Cisco, Fortinet), network segmentation, VPNs, and IDS/IPS
Strong knowledge of Windows and Linux administration, security hardening, and system internals
Knowledge of Docker, Kubernetes security, and container orchestration
Experience integrating security tools into GitLab CI, GitHub Actions, Jenkins, or similar platforms