Principal Product Application Engineer collaborating on MOS design pipelines and providing technical support in Japan for Nexperia's semiconductor products.
About the role
- Senior Cloud Application Security Engineer securing Trulioo’s AWS-hosted SaaS platform. Collaborating with teams to automate security in CI/CD pipelines and safeguard application integrity.
Responsibilities
- Collaborate with DevOps, Engineering, and other stakeholders to design, implement, and operate cloud and application security capabilities across CI/CD pipelines and production environments
- Lead and support application security reviews and threat modeling, including code review, static, and dynamic testing
- Own and improve vulnerability management processes across application and infrastructure layers, including CI/CD-integrated workflows
- Establish and maintain AWS security guardrails, ensuring services are properly configured with effective monitoring, visibility, and alerting
- Design and implement Kubernetes and container security controls, including configuration standards, access controls, and runtime considerations
- Drive automation of security workflows to reduce manual effort and improve response times
- Support Infrastructure as Code (IaC) security practices, including Terraform-based deployments
- Monitor systems for irregular behavior, improve detection capabilities, and assist in incident response and investigation
- Track and report on the effectiveness of security controls and continuously improve security posture
- Research and evaluate emerging technologies and security trends to improve platform security and operational efficiency
Requirements
- Strong experience in cloud security, preferably AWS, with hands-on implementation of security controls and guardrails
- Experience securing containerized environments and Kubernetes platforms (RBAC, network policies, workload security), including designing and implementing controls in production environments
- Strong experience implementing security controls within CI/CD pipelines and influencing developer workflows
- Experience with vulnerability management across application and infrastructure layers, including prioritization and remediation workflows
- Hands-on experience with AWS security services such as SecurityHub, GuardDuty, IAM, Config, Control Tower, CloudWatch, and related tooling
- Strong DevSecOps experience with a cloud provider, ideally AWS (bonus points for AWS certifications)
- Strong scripting and automation experience (Python, Terraform, or similar), with a focus on reducing manual operational work
- Experience with monitoring and logging platforms (e.g., Sumo Logic or equivalent)
- Knowledge of security frameworks and standards (e.g., OWASP Top 10, ISO 27001, SOC 2)
- Strong technical background in Linux and cloud-based systems
- Ability to operate independently and prioritize effectively in a dynamic environment
- Strong problem-solving and critical thinking skills, with a focus on practical, scalable solutions
- Excellent communication and collaboration skills across engineering and security teams
- 5+ years of experience in cloud, application, or platform security, with demonstrated depth in AWS and modern cloud-native environments
- Bachelor’s degree in computer science, engineering, or equivalent experience.
Benefits
- Comprehensive Benefits: We provide a robust benefits package for full-time, permanent employees, including health, dental, and vision coverage, retirement plans with company match, paid time off, parental leave, and an annual education & training stipend (equivalent to $1,000 in local currency).
- Flexible Hybrid Working Environment: Our offices are designed to support both collaboration and flexibility. Enjoy weekly lunches, quality coffee, and regular social events. Many locations also feature parent rooms, on-site gyms, comfortable lounges, and adaptable workstations to support your comfort and productivity.
- Wellness: We care about your well-being. Team members have access to wellness workshops and events, as well as a complimentary Headspace subscription to help you stay focused, grounded, and energized.
- Employee Resource Groups: Belonging is an important part of doing your best work. Our ERGs provide an inclusive space, support and community for employees of diverse backgrounds and allies.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
IT Applications Engineer managing Microsoft 365 environment for Stone King's IT Team in a hybrid role. Collaborating with specialists and maintaining application performance.
Senior Application Engineer responsible for control code for military marine power plants. Collaborating with teams to deliver mission - critical power - management solutions.
Assistant Manager in Application Engineering at Tenneco focusing on gaskets and heat shields. Working on design proposals and customer coordination for automotive products in Pune.
Field Application Engineer supporting high - tech products and customer service in industrial measurements at Vaisala. Working independently on technical challenges and collaboration with sales and R&D teams.
Application Support Engineer supporting client - facing operations and product implementations for financial technology. Responsible for handling operational issues and providing support across various channels.
Quantum Applications Engineer developing quantum algorithms and applications, mapping them to Atom Computing hardware. Collaborating with partners to advance quantum computing solutions.
Application Engineer responsible for creating bids and coordinating technical offers in water transport projects at Xylem. Collaboration with engineering firms and project management for optimal cost calculations.
Electrical Application Engineer providing power transmission and Motion Control expertise for SEW - EURODRIVE. Driving sales activity and maintaining customer relationships in the Boston area.
Manager leading data engineering and applications for Xcel Energy, ensuring reliability and scalability of pipelines. Overseeing a team to deliver data services and maintain standards.