Senior Security Engineer

📋 Description

• • Own end-to-end cloud and infrastructure security for Plaud’s AWS/GCP environments, including remediation of credential exposures, deployment and tuning of CSPM tools, and embedding IaC security gates (Checkov/Terraform) into CI/CD pipelines to enforce compliance from code to deployment.
• • Implement Zero Standing Privileges architecture using Just-in-Time (JIT) access and Cloud Infrastructure Entitlement Management (CIEM) to minimize attack surface and enforce least-privilege principles across all production systems.
• • Design, deploy, and operate the company’s SIEM platform from scratch, authoring and tuning 30+ detection rules mapped to MITRE ATT&CK framework spanning cloud telemetry, endpoint, and SaaS data sources, with continuous refinement to reduce false positives and maintain detection fidelity.
• • Lead incident response for P1/P2 security events end-to-end, including development of playbooks for at least four incident categories, coordination with engineering and product teams, and driving mean time to detect (MTTD) to ≤60 minutes across all infrastructure.
• • Build and maintain the continuous operational evidence package required for SOC 2 Type II audit readiness by Q4 2026, including log retention policies, alert audit trails, control review cadences, and written narratives for Cloud Security and SecOps controls.
• • Ensure compliance with SOC 2 TII controls CC6 (logical access) and CC7 (monitoring & detection), aligning security practices with third-party auditor expectations and maintaining 90%+ vulnerability SLA compliance with clear remediation tracking.
• • Produce monthly security reports for leadership, including risk posture summaries, control effectiveness metrics, and vulnerability trends; deliver H1 risk governance reports and ensure all controls are demonstrably operational and documented.
• • Integrate and optimize cloud-native security tooling such as AWS Security Hub and GCP Security Command Center, ensuring full coverage across all accounts and alignment with CIS Benchmarks (L1/L2).
• • Leverage LLMs daily as part of security workflow—automating alert summarization, generating detection rule drafts, drafting SOAR playbooks, and auditing IaC policies— with ability to demo AI usage from the prior two weeks during interviews.
• • Operate independently to build security infrastructure from zero: selecting tools, establishing baseline configurations, defining policies, and creating runbooks without inheriting an existing mature program or legacy systems.
• • Maintain deep alignment between detection engineering and cloud infrastructure security domains to ensure seamless SOC 2 Type II audit readiness and real-time threat visibility across hybrid hardware-software AI systems.