Remote - US Remote (Country) Full-time USD 115,600 – 160,000 / year

Engine is hiring a Senior Security Engineer

Responsibilities

  • Own the configuration, tuning, and management of our SIEM solution.
  • Diagnose unusual threats through sophisticated analysis and develop the alerts needed to respond to security incidents across multiple layers.
  • Perform architecture reviews, code reviews, and infrastructure configuration reviews.
  • Conduct light penetration testing on web and mobile apps, identifying root causes of vulnerabilities and resolving them using creative problem-solving.
  • Maintain and optimize a vulnerability management CI/CD pipeline within our container/application delivery infrastructure.
  • Adapt proven methods to align security goals with business objectives, even when guidance is light.
  • Partner with development and infrastructure teams to enforce secure coding practices and remediation strategies.
  • Adapt your messaging across teams to reduce misalignment and move security work forward.
  • Build and maintain the frameworks and tooling for enterprise security, ensuring that security guidelines are clear and actionable for the broader engineering organization.
  • Play a key role in incident response and forensic investigations.
  • Weigh context and data thoughtfully to make smart decisions during high-pressure situations.
  • Stay current on the latest threats and provide direct, clear guidance to development teams.
  • Help develop security training to empower your peers and improve the team’s overall security posture.

Requirements

  • Highly skilled in one or more programming languages (e.g., Ruby, Java, Python, C#, Node.js).
  • Expertise in managing SIEM solutions with a focus on comprehensive, efficient alerting that reduces "noise".
  • Strong knowledge of Docker and Kubernetes, with hands-on experience in automated container vulnerability management.
  • Mastery of SAST, DAST, and IAST tools, with the ability to perform manual validation testing to confirm findings.
  • Deep knowledge of the OWASP Top 10, Mitre Top 25, and secure coding practices.
  • Ability to assess complex, ambiguous situations to identify root causes and provide thoughtful input on difficult security topics.
  • A track record of earning credibility with peers through clear, direct communication and a passion for mentoring others.
  • Experience working with cloud security concepts and compliance frameworks such as SOC 2 and PCI.

Additional Information

  • Applications for this role will be accepted through July 20th, 2026 until the role is filled.
  • We encourage you to apply early, as we may begin reviewing applications before the deadline.
Required Skills
DockerKubernetesSecure Coding Practices
About company
Engine
Engine is transforming business travel by building a platform that brings together corporate travel, a powerful charge card, and modern spend management in one place. The company serves over 20,000 companies and 1 million travelers.
All jobs at Engine Visit website
Job Details
Category security
Posted 2 hours ago