Job Description

Position Summary

The GoodLeap security team is responsible for both business enablement and safeguarding the organization’s information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap’s customers, partners, and employees information.

The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap to design, build, implement, and operate security and fraud monitoring, detection, and response capabilities.

Your Oversight Will Encompass

• Security & Fraud Monitoring, Detection, and Response : Identification of potential misuse and abuse cases, determining corresponding events associated with manifestation of such scenarios, design of identification and detection solutions –e.g., correlated/iterative event searches across log sources ranging from infrastructure to applications/SaaS platforms, testing, implementation, monitoring, and fine-tuning of these solutions, etc.
• Toolset design and operations : Design and build the monitoring, detection, and response platform, from tool selection and integration – e.g., SIEM, SOAR, agentic SOC, EDR, to daily operations/management
• Incident Response : Play a leading role in the definition, refinement, and execution of incident response activities.
• Overall Security Operations : Management and operation of security platforms/solutions outside monitoring, detection, and response platform.
• Support Embedded Product Security Team : Design, build, and implement monitoring and detection solutions for GoodLeap products and services.

Essential Job Duties & Responsibilities

• Lead, participate in, and contribute to security and fraud monitoring, detection, and response activities, inclusive of investigations, threat hunting,etc. Create playbooks for specific incident response scenarios.
• Identify potential misuse and abuse cases in enterprise systems, propose solutions to detect these scenarios, and identify and implement monitoring and detection solutions for such scenarios.
• Support or develop components of the security analytics platform.
• Support embedded (product) security team.
• Support general security operations team with vulnerability management, tools management, and more.

Required Skills, Knowledge & Abilities

• Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences.
• Expertise in security event management, monitoring, threat hunting, incident response, playbook creation, orchestration/automations, etc.
• Experience with threat modeling methodologies.
• Expertise with EDR solutions/platforms, such as CrowdStrike, S1, Palo Alto Cortex EDR, etc.
• Experience with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus).
• Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. · Experience designing, configuring, and implementing security and fraud monitoring for core enterprise systems, e.g., ERP, HCM, Salesforce, etc.
• Experience working with and creating solutions based AI and ML toolsets – e.g., creation of AI skills, agents, MCP clients, vibe coding.
• Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases.
• Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault.
• Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed.
• Prior experience interfacing and supporting teams outside of security – e.g., internal product teams and other cross-functional areas.
• Proficiency in writing automation scripts in multiple languages and integrating with REST/GraphQL APIs to orchestrate workflows between security tooling and third-party cloud/SaaS platforms, automating detection, response, and operational processes. · Experience engaging with vendors in design partnerships.
• Experience overseeing vulnerability and threat management at the platform and application levels.
• Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement.
• Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution

Job Tags

Remote job, Full time

Similar Jobs