Rockefeller Philanthropy Advisors is hiring a Senior Security Engineer to lead the implementation of security measures across the entire DevOps lifecycle. You will build secure systems, automate security processes, guide development and operations teams on best practices, and manage cloud infrastructure security and incident response.

What You'll Do

Maintain and strengthen cloud security architecture in line with SOC II compliance, collaborating with teams across development and operations.
Integrate security practices into CI/CD pipelines and DevOps workflows to support secure code deployment and infrastructure.
Perform vulnerability assessments, guide remediation strategies, and oversee cloud security (primarily AWS).
Ensure alignment with security standards such as OWASP, NIST, and GDPR while assisting with compliance goals.
Lead incident response efforts, conduct root cause analyses, and implement corrective actions.
Deploy monitoring tools to track, audit, and respond to security events effectively.
Provide training on secure coding, threat mitigation, and cybersecurity awareness for cross-functional teams.
Select and manage tools for security testing, vulnerability scanning, and threat detection.

What We're Looking For

5–7 years of experience in DevOps, Security, or related fields, including 2–3 years focused on DevSecOps.
Strong hands-on experience with cloud platforms (especially AWS), containerization (Docker, Kubernetes), and CI/CD environments.
Proficient with security tools like SonarQube, Crowdstrike, Mimecast, and Tenable.
Experience with infrastructure-as-code (Terraform, CloudFormation, Ansible) and scripting (Python, Bash).
Familiar with version control systems (Git, GitLab, Bitbucket) and security protocols (OAuth, SSL/TLS, PKI).
Strong grasp of network security, IAM, firewalls, encryption, and vulnerability analysis.
Excellent problem-solving, communication, and cross-team collaboration skills.

Nice to Have

Bonus if certified (e.g., CISSP, CISM).
Bonus if experienced in threat modeling.
Bonus if knowledgeable about microservices security.

Technical Stack

AWS, Docker, Kubernetes, SonarQube, Crowdstrike, Mimecast, Tenable
Terraform, CloudFormation, Ansible, Python, Bash
Git, GitLab, Bitbucket, OAuth, SSL/TLS, PKI

Benefits & Compensation

Compensation: $120,000 – $170,000
Comprehensive benefits package: medical, dental, vision, life insurance, and 401(k) with company match.
Generous PTO, parental leave, and employee support programs.
Full paid Winter Recess (Christmas–New Year).
Summer Fridays with 6-hour days.
Annual performance-based bonus eligibility.