SeniorSecurityEngineer

About the team: The Security Engineering team is responsible for protecting Sift’s products, infrastructure, and data while enabling our engineering organization to ship quickly and safely. We embed with product and platform teams, build and run security tooling, and design controls that scale across our cloud‑native environment. As a Senior Security Engineer, you’ll be a key technical contributor and subject‑matter expert, working on projects that materially reduce risk and strengthen Sift’s security posture. Role: In this role, you will design, implement, and operate security controls and tooling across Sift’s stack. You’ll work closely with Engineers, SREs, IT, and Legal/Compliance to secure our systems end‑to‑end—from application code and CI/CD pipelines to cloud infrastructure and identity. You will also help define our standards, mentor other engineers on secure practices, and contribute directly to audits and compliance efforts. What you’ll do: - Design and implement security controls and tooling across Sift’s infrastructure and applications (e.g., IAM policies, network controls, secrets management, endpoint protections, container and workload security). - Embed with product and platform teams to perform security design reviews, threat modeling, and code or configuration reviews for new features and services. - Improve the secure SDLC by integrating AI-powered scanning tools, security scanning (SAST/DAST, dependency and container scanning) into CI/CD, and by developing guardrails, templates, and best practices for engineers. - Own or co‑own vulnerability management workflows, from discovery and triage through remediation, including defining SLAs, coordinating with service owners, and tracking closure. - Develop automation (scripts, services, integrations) to detect misconfigurations, anomalous activity, or policy violations, and to reduce manual operational work for the security team. - Participate in security incident response (on‑call rotation or escalation