About the Role
We are seeking a highly skilled Security Software Engineer to join a fast-moving Cloud Security team on a contract engagement. This role is ideal for a hands-on engineer who thrives in execution-focused environments and can quickly step into in-flight security initiatives to drive them to completion.
You will take ownership of partially built automation pipelines, reporting systems, and AI-assisted remediation workflows, contributing directly to improving vulnerability management and cloud security posture.
Key Responsibilities
- Take ownership of existing vulnerability management and cloud security automation initiatives and drive delivery within a contract engagement
- Complete Wiz issue mapping automation, including API-driven correlation scripts, payload enrichment, and ticket routing across systems
- Build and maintain patch reporting dashboards and metrics, including EOL tracking and kernel patching insights
- Contribute to AI-driven remediation workflows, enhancing “Done For You” (D4U) agents and integrations for automated vulnerability resolution
- Support migration of Rapid7 Hosted Console (including backups, credential migration, and rule cleanup)
- Develop and deploy custom security tooling to detect, report, and remediate infrastructure vulnerabilities
- Work within existing JIRA backlogs and documentation to ensure seamless continuation of work
- Participate in on-call rotation and function as a Security SRE for vulnerability management tickets
- Collaborate cross-functionally and maintain clear technical documentation, including TDDs and status updates
Required Qualifications
- Bachelor’s degree or equivalent experience with 4+ years in Security Engineering, DevSecOps, or Cloud Security Automation
- Hands-on experience with Wiz, including API integrations, policy configuration, and reporting
- Strong programming skills in Python for building automation against security tools and APIs
- Working knowledge of Terraform and GCP CLI (Golang is a plus)
- Experience building security dashboards and reporting using data from tools like JIRA, SIEMs, and vulnerability platforms
- Strong expertise in JIRA automation, including JQL, APIs, and cross-system ticket synchronization
- Experience with workflow automation platforms (Tines strongly preferred)
AI & Automation Experience (Required)
- Daily use of AI coding assistants (e.g., Copilot, Cursor, Claude Code)
- Experience integrating LLMs into workflows (e.g., remediation suggestions, ticket summarization, log triage)
- Familiarity with agent-based workflows, MCP servers, or tool-use patterns is a strong plus
Cloud & Security Expertise
- Experience securing cloud environments in GCP (preferred) or AWS
- Knowledge of IAM, VPC Service Controls (VPCSC), perimeters, and workload identity
- Strong understanding of vulnerability management processes and tools
