We are building an Agile Security Operations team where you’ll own the design and implementation of core application and cloud security controls.
This role offers an exciting opportunity for a security engineer who wants to take ownership of secure development practices, vulnerability management, and cloud posture hardening—bridging the gap between product engineering and security operations.
You’ll be hands-on with code reviews, automated scanning, and container and serverless security, and you’ll partner closely with developers and DevOps to reduce risk in real systems.
This isn’t a policy-only role—it’s for someone who builds, automates, and drives security into the fabric of our applications and cloud infrastructure.

What You'll Own

Application Security
- Implement and enhance secure code review practices with tools like SonarQube and Semgrep
- Automate SAST/DAST scanning in CI/CD pipelines for services, APIs, and containers
- Manage open-source library risk: SBOM generation, dependency scanning, CVE and license tracking
- Partner with developers to remediate findings and embed security into code review and release workflows
- Support penetration testing efforts and coordinate remediation of web, API, and business logic vulnerabilities

AWS Cloud Security
- Work with our Cloud Security Posture Management solution to improve security controls across our AWS environment, including ECS/ECS-Anywhere workloads
- Own the configuration and optimization of AWS security services (GuardDuty, Security Hub, Config, CloudTrail)
- Take ownership of encryption strategies using AWS KMS, certificate management, and secrets management

Container & Serverless Security
- Secure our ECS and ECS-Anywhere container deployments with runtime protection and monitoring
- Implement container image scanning and vulnerability management workflows
- Design security frameworks for Lambda functions and serverless architectures
- Build security automation for container and function lifecycle management

AI & Emerging Technology Security
- Contribute to the development and security of Qu’s AI infrastructure, including AWS Bedrock, Lambda, agentic frameworks, and Model Context Protocol (MCPs)
- Implement prompt hardening, secrets protection, and access controls for AI-powered services
- Develop security monitoring and response strategies for AI agents and workloads
- Research and integrate best practices for AI model security, data protection, and compliance

Compliance & Governance
- Ensure application and cloud environments meet SOC 2, PCI, and ISO compliance requirements
- Implement automated compliance monitoring, drift detection, and reporting
- Design and maintain security baselines and configuration standards
- Create compliance evidence collection workflows aligned to developer pipelines

What You Bring

AWS & Cloud Security Expertise
- Experience securing containerized applications (ECS, Docker) and serverless workloads (Lambda) in AWS
- 2+ years of hands-on AWS security experience with demonstrated expertise in services like GuardDuty, Security Hub, Config, and CloudTrail
- AWS Security Specialty, Solutions Architect Professional, or equivalent certification (or readiness to earn certification)

Application Security Expertise
- Experience working in SaaS
- Strong knowledge of secure development practices and code review processes
- Hands-on experience with SAST/DAST tools (e.g., SonarQube, Sentry, WIZ, Tenable Vulnerability Management, Snyk, Chainguard, Upwind, Orca)
- Experience with dependency and container image scanning (Trivy, Grype) and SBOM generation
- Familiarity with penetration testing for web apps, APIs, and business logic vulnerabilities

AI & Emerging Technology Security
- Experience (or strong interest) in securing AI services such as AWS Bedrock, agentic frameworks, or Model Context Protocol (MCPs)
- Understanding of prompt injection risks, model misuse, and secure integration of AI/LLM agents
- Ability to design controls for AI data protection, secrets management, and monitoring AI-driven workloads

Technical Leadership & Automation
- Proven track record of designing and implementing security architecture from scratch
- Experience with Infrastructure as Code (CloudFormation, Terraform) for security automation
- Proficiency in scripting (Python, PowerShell, or similar) to build automations and incident response workflows
- Strong knowledge of runtime protection and continuous monitoring for containers and cloud services

Ownership & Innovation
- History of building security controls that scale with rapid business growth and technical debt
- Ability to work independently while collaborating effectively with DevOps and product engineering teams
- Strong problem-solving mindset with bias for action and continuous improvement
- Customer-focused approach to balancing business needs, compliance, and security requirements