Security Engineer

Role Summary

We are seeking a Risk Engineer with strong technical acumen to design, prioritize, and enable risk-reducing technical solutions across complex cloud and enterprise environments. This role emphasizes solution engineering over process engineering—using risk frameworks, policies, and controls as inputs to architect practical, automatable, and scalable technical safeguards.

The ideal candidate thinks like an engineer first and a risk professional second: someone who understands how systems actually fail, how controls can be enforced through code and architecture, and how risk intent is translated into resilient technical designs.

Key Responsibilities

• Engineer technical risk solutions that reduce operational, cyber, and resilience risk through architecture, automation, and control design.
• Translate risk requirements, policies, and standards into implementable technical patterns, guardrails, and reference architectures.
• Prioritize and influence solution design decisions based on risk impact, blast radius, and recovery dependencies.
• Partner with platform, cloud, security, and SRE teams to embed risk controls directly into infrastructure and pipelines.
• Evaluate control effectiveness using technical signals and evidence, not just procedural compliance.
• Support initiatives such as secure cloud architectures, isolated recovery environments, identity and access hardening, and infrastructure resilience.
• Provide technical guidance on risk tradeoffs, recovery sequencing, and dependency-aware system design.
• Contribute to lightweight process definition where needed—but always in service of enabling better technical outcomes.

Preferred Technical Skills

• Backup, recovery, and resilience solution architectures

• Isolated Recovery Environment(IRE) design and implementation in GCP

• Cloud Platforms: Google Cloud Platform (GCP)
• Infrastructure as Code: Terraform (required)
• Configuration Management / Automation: Ansible
• Programming / Scripting: Python
• Supporting Knowledge (nice to have):
  • CI/CD pipelines and policy-as-code
  • Cloud IAM, networking, and control planes
  • Observability, logging, and evidence automation
  • GRC Platforms: Archer, ServiceNow
  • ITIL-based IT Service Management (ITSM)
  • Familiarity with Agentic AI Frameworks

Required Qualifications

• 7+ years in IT operations & engineering, security engineering, platform engineering, SRE, or technical risk roles

• Backup, recovery, and resilience solution architecture implementations, especially IRE’s.

• Proven ability to design and influence technical solutions across teams
• Strong understanding of how risk manifests in distributed systems, cloud platforms, and automation
• Comfortable operating between engineering teams and risk stakeholders
• Ability to explain complex technical risk concepts to non-technical audiences without losing fidelity