Senior Platform Security Engineer

As a Senior Platform Security Engineer, you will play a pivotal role in detecting, assessing, and remediating vulnerabilities across the platform engineering stack — from bare-metal infrastructure and container orchestration through to cloud services and software supply chains. You will collaborate closely with Platform Engineering and DevOps teams to embed real-time threat detection and vulnerability management into the development lifecycle, ensuring our infrastructure is resilient, continuously monitored, and hardened against emerging threats.

Responsibilities

• Own the design and operation of vulnerability management program across the platform engineering stack, including infrastructure, containers, and cloud services
• Implement and tune real-time security monitoring and threat detection tooling, ensuring high-fidelity signal across our HPC and cloud environments
• Partner with Platform Engineering and DevOps teams to integrate security scanning and vulnerability assessment into CI/CD pipelines and Infrastructure-as-Code workflows
• Lead vulnerability triage and prioritization, working with engineering teams to drive timely and effective remediation of identified risks
• Conduct platform-level security assessments, contributing to threat modelling and attack surface analysis across our infrastructure and software supply chain
• Develop automation to continuously assess the security posture of our platforms, reducing manual effort and improving detection coverage
• Contribute to the continuous improvement of platform security practices, tooling, and processes, helping foster a security-first culture across engineering

Requirements

• 6+ years of experience in security engineering, with a strong focus on platform, infrastructure, or application security
• Hands-on experience with vulnerability management tooling and real-time security monitoring platforms (e.g. Qualys, Tenable, Wiz, Lacework, Prisma Cloud, or similar)
• Strong understanding of software and infrastructure security, including container security, supply chain risk, secrets management, and secure configuration
• Experience securing container orchestration platforms such as Kubernetes and OpenStack, and cloud environments including AWS and/or Azure
• Proficiency in Linux and familiarity with how platform engineering teams build and operate infrastructure
• Experience integrating security tooling into CI/CD pipelines and IaC workflows, with scripting ability in Python, Bash, or similar
• Good knowledge of vulnerability scoring frameworks (CVSS), exploit maturity, and risk-based prioritization
• A strong interest in the security domain and a collaborative approach to working with engineering teams to solve complex technical problems

Nice to Have

• Experience with runtime threat detection tools such as Falco or eBPF-based security tooling
• Familiarity with software supply chain security frameworks (e.g. SLSA, SBOM generation, Sigstore)
• Background working within or alongside a SOC or threat intelligence function
• Relevant certifications such as OSCP, GIAC (GPEN/GWAPT/GCSA), AWS Security Specialty, or equivalent