Staff Security Engineer architecting the security program at Pivotal Health. Lead the design and implementation of secure systems and compliance readiness.
Responsibilities
Define and evolve Pivotal’s security architecture: Help shape the long-term security architecture of the platform, establishing patterns and guardrails that ensure infrastructure, networking, and services remain secure as the system scales.
Build security directly into the platform: Design and implement automated controls, policies, and tooling that embed security into our infrastructure and engineering workflows rather than relying on manual review processes.
Own infrastructure security and automation: Expand and strengthen Infrastructure as Code practices using Terraform to ensure infrastructure is provisioned securely, consistently, and auditably across environments. Where necessary, deploy and integrate security tooling that strengthens our detection, prevention, and response capabilities across the platform.
Lead cloud and network security design: Design secure networking architectures including VPC configuration, private networking, firewall policies, and edge protections that safeguard internal systems and customer data. Over time, help extend security practices to any hybrid or on-premise infrastructure environments as the platform evolves.
Secure development workflows and CI/CD systems: Establish best practices for secure build pipelines, dependency management, artifact integrity, and secure software delivery.
Drive compliance readiness and regulatory maturity: Lead security initiatives required for frameworks such as SOC 2 and HIPAA, including control design, remediation work, audit preparation, and long-term security improvements.
Translate compliance frameworks (SOC 2, NIST, HIPAA) into actionable engineering tasks and automated controls that integrate smoothly with developer workflows.
Act as a primary technical point of contact during audits and security reviews, confidently representing Pivotal’s security posture to auditors, partners, or customers when needed.
Improve monitoring, detection, and operational visibility: Design systems that surface meaningful security signals across infrastructure and services, helping teams detect issues earlier and respond effectively.
Reduce security toil through automation: Identify manual or repetitive security work and replace it with automated systems, tooling, and infrastructure improvements.
Partner with engineering teams across the company: Operate as a technical partner to engineering teams, helping them design secure systems while preserving speed and developer experience. Serve as a “security champion” within the organization — collaborating with engineering and IT teams to identify vulnerabilities and work together on practical remediation solutions.
Raise the bar for security engineering at Pivotal: Set technical direction, establish security standards, and mentor engineers as we continue to mature our platform and security posture. Develop guidelines and protocols for the responsible and secure use of emerging technologies, including AI and LLMs, within both our product and internal workflows.
Requirements
8+ years of experience building and securing cloud infrastructure, platform systems, or developer tooling
Strong experience designing and operating secure cloud-native systems (AWS or GCP; GCP preferred)
Deep hands-on experience with Infrastructure as Code, particularly Terraform
Strong understanding of cloud networking and secure architecture (VPCs, private networking, routing, firewall policies)
Experience securing CI/CD pipelines and modern software delivery systems
Experience implementing secrets management and security controls across cloud environments
Experience contributing to or leading security and compliance audits (SOC 2, HIPAA, ISO, NIST, or similar)
Strong engineering fundamentals with the ability to explain security architecture and tradeoffs clearly to technical teams
Strong computer science or software engineering foundation with the ability to communicate effectively "engineer-to-engineer."
Familiarity with common security frameworks and principles such as the OWASP Top 10, OSI model, and modern cloud security practices.
Experience participating in or supporting penetration testing, offensive security exercises, or vulnerability remediation efforts.
You prefer pragmatic, custom-fit solutions over "buying your way out" of a problem with expensive, bloated enterprise tools.
You are comfortable operating in a fast-moving environment where you may be both defining the strategy and executing hands-on technical work.
Benefits
Competitive compensation, including equity
Full health, dental, and vision coverage
Retirement savings plan through 401(k)
Flexible time off
Opportunities for company-wide connection and events
Facility Security Officer coordinating sensitive security programs at Booz Allen Hamilton. Ensuring compliance with security policies and conducting briefings while liaising with upper management.
Sales Manager leading and mentoring the sales team for Pref-Tech, expanding market share in Austin, Texas. Overseeing sales goals, training, and client relationships in a hybrid work environment.
Intermediate Developer in Application Security at Clio, a legal AI leader. Build innovative solutions and collaborate with teams to prevent security vulnerabilities.
Senior Backend Developer focusing on security, vulnerabilities, and pentest at Evertec. Developing high-performance REST APIs and evolving a cloud-based microservices architecture in Brazil.
Consultant / Manager Cyber Security providing security consulting and system configuration for clients in a hybrid work environment. Analyzing security concepts and leading project teams in IT security measures.
(Senior) Consultant Cyber Security role focusing on Governance, Risk, Compliance in an international consulting firm. Involved in ensuring information security and advising clients.
Security Administrator for SONDA in Panama focused on network security and cybersecurity protocols. Involves designing secure networks and vulnerability analysis with incident response planning.
Security Administrator at SONDA improving quality of life through technology. Monitoring and support of Checkpoint and Tipping Point security platforms.
Intern assisting in the development of AI tools for validating crash simulations at BMW Group. Collaborating in creating methods for airbag deployment analysis and machine learning.
Head of Information Security at Testronic overseeing security strategy, governance, and compliance in global operations. Ensuring robust security controls aligning with client requirements and regulatory standards.