Senior Platform Security Engineer
Overview
The Platform Security Engineer will be responsible for advancing the organization's security posture across infrastructure, applications, and cloud environments. This role requires deep expertise in vulnerability management, threat detection, and secure platform engineering, alongside strong collaboration with DevOps, engineering, and security teams. The ideal candidate brings a proactive, automation-first mindset and thrives in fast-paced, highly technical environments.
Key Responsibilities
- Implement security across cloud (AWS/Azure), Kubernetes, and bare-metal infrastructure
- Lead and mature the vulnerability management program (detection, triage, prioritization, remediation) using risk-based approaches (CVSS, exploit maturity)
- Perform threat modeling, attack surface analysis, and continuous security posture assessments
- Build real-time threat detection and monitoring using tools such as Falco and eBPF-based solutions
- Secure CI/CD pipelines, IaC, and software supply chain (SBOM, SLSA, Sigstore)
- Drive container and cloud security best practices, including secrets management and secure configuration
- Automate security processes through scripting (Python, Bash, Go) and tooling integration
- Partner cross-functionally with engineering, DevOps, and security teams to embed a security-first culture
Required Qualifications
- 6+ years of experience in security engineering with a focus platform, application, or infrastructure security
- Strong expertise in vulnerability management and security tooling (e.g., Wiz, Prisma Cloud, Tenable, Qualys, Lacework)
- Hands-on experience with AWS/Azure, Kubernetes, CI/CD, and IaC
- Knowledge of runtime security, container security, and threat detection
- Proficiency in Python, Bash, or Go
- Certifications such as OSCP, GIAC (GPEN/GWAPT/GCSA), or AWS Security Specialty
Preferred Qualifications
- Experience with High-Performance Computing (HPC) or large-scale distributed systems
- Background working within or alongside a SOC or threat intelligence function.
- Experience building or scaling security programs in cloud-native environments
- Industry certifications such as:
- OSCP
- GIAC (GPEN, GWAPT, GCSA)
- AWS Security Specialty
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.
Yes. Even if this role isnāt a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your resume so you can be considered for roles that have yet to be created.
Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.