Note: The job is a remote job and is open to candidates in USA. ActiveCampaign is the autonomous marketing platform for people at the heart of the action. They are seeking a Senior Security Engineer to own and advance the security of their cloud estate, architecting controls across AWS infrastructure and building automation necessary to scale security without scaling headcount.
Responsibilities
- Define and drive cloud security architecture and secure-by-default patterns across our AWS environment (IAM, VPC design, network segmentation, encryption, and KMS)
- Own and optimize our CNAPP tooling (Wiz), turning runtime, posture, and vulnerability signals into prioritized, automated remediation workflows
- Engineer security directly into our CI/CD and Infrastructure-as-Code workflows, embedding build-time scanning and supply chain guardrails before code ships
- Harden containerized workloads, cluster configurations, workload isolation, and image supply chain integrity
- Build production-grade automation in Python using our SOAR platform to eliminate manual toil, drive auto-remediation, and streamline vendor integrations
- Partner cross-functionally with Identity and SecOps teams to close cloud detection blind spots, feed high-fidelity telemetry into security operations, and re-architect authentication design
- Prototype and evaluate emerging data sources and cutting-edge tooling, including AI/LLM-driven approaches to scale cloud security work
Skills
- 5+ years of hands-on experience in security engineering, with deep, proven ownership of cloud security in an AWS-primary environment
- Strong technical proficiency in Infrastructure-as-Code, specifically reading and writing Terraform to enforce AWS IAM, VPC segmentation, and encryption patterns as code rather than documentation
- Expertise with CNAPP/CSPM platforms (Wiz, Orca, or similar) at the level of tuning policy, driving engineering remediation pipelines, and system integration
- Practical experience securing containerized workloads on Kubernetes (EKS or equivalent), including cluster hardening, image scanning, and runtime protection
- A solid grasp of CI/CD security, including artifact/supply chain integrity and embedding guardrails into pipelines without becoming a blocker to engineering velocity
- Proficiency in Python for building real-world automation, auto-remediation workflows, and data pipelines
- An engineering-first mindset with exceptional collaboration skills, allowing you to partner seamlessly with platform and operations teams to solve complex infrastructure challenges
Benefits
- Top-tier benefits package that includes a fully-covered High Deductible Health Plan (HDHP), complimentary access to telehealth services, and a free subscription to Calm.
- Access to LinkedIn Learning, professional development programs, and career growth opportunities in a fast-growing organization.
- Recharge and take the time you need to maintain work-life balance with open PTO.
- Generous 401(k) matching with immediate vesting, quarterly perks with commuter and lunch benefits for hub based employees or a stipend for remote workers, and a four-week paid sabbatical with bonus after five years.
- Work alongside brilliant, passionate colleagues in an environment that values innovation, teamwork, and mutual support.
Company Overview
Company H1B Sponsorship