ForHire

Senior Security Engineer

Amplitude
Full-time
San Francisco, CA
$161,000 - $266,000
Posted on 5 months ago

Job Description

As a Senior Security Engineer, you'll lead security initiatives across infrastructure and product engineering, bringing a DevSecOps mindset to building automation and secure, scalable systems. You’ll collaborate closely with engineering teams and work across a wide range of domains including cloud security, container security, application security, and developer tooling.

Responsibilities

  • Harden AWS and Kubernetes environments through automation, policy-as-code, and guardrails
  • Own and evolve our DevSecOps strategy across infrastructure and application pipelines
  • Drive end-to-end secure development practices: integrate security into CI/CD, build pre-commit hooks, and improve developer productivity without sacrificing security
  • Create and implement lightweight, scalable security controls that support fast-moving teams
  • Partner with engineering to identify and mitigate risks in architecture, design, and implementation stages
  • Participate in an on-call rotation to resolve critical/high-risk security issues as well as respond to security incidents with urgency and clarity
  • Identify opportunities to fix systemic gaps, reduce recurring pain points, and avoid reactive “whack-a-mole” cycles

Requirements

  • 4+ years of experience in security engineering with a strong focus on DevSecOps and secure cloud infrastructure on AWS
  • Hands-on expertise with infrastructure-as-code tools (Terraform, CloudFormation) for AWS, as well as the Kubernetes ecosystem of tools
  • Strong coding/scripting skills in Python, Bash, or equivalent languages for automating security tasks
  • Experience with CI/CD platforms and integrating security controls early in the pipeline
  • Comfortable navigating ambiguity, driving clarity, and leading through execution in fast-paced environments
  • Willingness to go above and beyond, including submitting fixes and supporting teams directly when needed
  • Experience using AI to automate security tasks is a significant plus
  • Familiarity with application security concepts is preferred, but not required

Benefits

  • No benefits