Security Engineer

📋 Description

• • Join Menlo Security Inc., a rapidly growing cybersecurity leader, as a forward-thinking Security Engineer. Our mission is to enable the world to connect, communicate, and collaborate securely without compromise, a mission that has become even more critical in today's evolving landscape. As we expand from 400 employees into our next phase of growth, fueled by significant investment from top-tier firms like Vista Equity Partners, General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures, we are seeking passionate, agile, and ethical talent to join our dynamic team.
• • In this pivotal role, you will be instrumental in shaping and securing our cloud architecture, with a primary focus on SecOps within a complex, multi-cloud environment encompassing both AWS and GCP. You will navigate and secure a sophisticated infrastructure that includes traditional virtual machines alongside modern managed and unmanaged container-based architectures. This position offers a unique opportunity to operate at the forefront of cloud security, driving innovation and ensuring the robust protection of our cutting-edge product.
• • As a key member of a lean and agile team, your core responsibility will be the aggressive automation of security processes. You will be tasked with deploying, integrating, and meticulously monitoring Jenkins and GitLab pipelines. This ensures that our “Security as Code” philosophy scales seamlessly with our infrastructure, embedding security directly into our development and deployment workflows. Your expertise will be crucial in the strategic deployment and ongoing management of Cloud Security Posture Management (CSPM), Cloud Native Application Protection Platform (CNAPP), and Cloud Workload Protection Platform (CWPP) tools. These tools will serve as critical force multipliers, enhancing our team's efficiency and effectiveness.
• • Your operational approach must be characterized by speed and a relentless pursuit of automation, moving beyond manual triage to proactive, intelligent security. Success in this role hinges on your ability to continuously tune alerting mechanisms, ensuring high-fidelity signals that minimize alert fatigue. You will be responsible for building sophisticated automated response workflows that can swiftly address security incidents, thereby maintaining operational resilience and minimizing potential impact.
• • A significant aspect of your role will involve conducting rigorous infrastructure reviews. You will meticulously examine cloud configurations, Identity and Access Management (IAM) policies, and orchestration layers to ensure they consistently meet our stringent security baselines. This critical work must be balanced with maintaining our rapid release velocity, ensuring that security enhancements do not impede our ability to innovate and deliver quickly.
• • Key responsibilities include driving multi-cloud governance across AWS and GCP by deploying and managing CSPM tools to detect and remediate misconfigurations. You will implement container security lifecycle strategies by integrating container image scanning into CI/CD pipelines, effectively shifting security left. Furthermore, you will deploy and tune CWPP tools to monitor workload runtime behavior and detect anomalies in both VMs and Kubernetes pods.
• • You will be a champion for advanced automation and Security Orchestration, Automation, and Response (SOAR), building automated response playbooks to enrich alerts, isolate compromised resources, and dismiss low-fidelity noise. Managing effective permissions across complex multi-cloud IAM structures and standardizing secret management workflows are also key duties. In collaboration with Technical Program Managers (TPMs), you will enforce compliance standards, oversee vulnerability scanning during software releases, and respond to customer inquiries regarding the impact of Common Vulnerabilities and Exposures (CVEs) on our product, ensuring customer trust and product integrity.
• • This role demands a pragmatic mindset, enabling you to prioritize risks based on runtime context and business impact, rather than solely relying on scanner outputs. You will design and maintain shared CI/CD security components (SAST/SBOM/Container Scanning) that are easily adoptable by engineering teams, minimizing friction and promoting widespread security adoption. Your expertise in securing managed and unmanaged container workloads, with a strong emphasis on automating runtime defenses and admission controllers, will be vital. You will also implement and manage Just-In-Time (JIT) access policies to replace manual ticket processes and eliminate standing privileges, significantly enhancing our security posture. Due to the role’s involvement in federal compliance activities, US citizenship is a requirement.