[Remote] Senior Security Engineer

Note: The job is a remote job and is open to candidates in USA. Hydrosat is a space and data analytics company building a new Earth Observation constellation and software to unlock the power of thermal infrared imagery. They are seeking a hands-on Sr. Security Engineer to mature and scale their security program, focusing on cloud security, application security, and vulnerability management within an AWS-based environment.

Responsibilities

• Implement, maintain, and improve security controls across AWS environments
• Support secure configuration of IAM, logging, monitoring, networking, and cloud services
• Operate and improve vulnerability management processes across infrastructure, applications, containers, and dependencies
• Triage security findings, assign ownership, track remediation, and drive closure with engineering teams
• Support SAST, SCA, DAST, SBOM, and container security workflows using tools such as Snyk and AWS-native services
• Help integrate security checks into CI/CD pipelines and development workflows
• Track remediation of penetration testing findings and validate closure of high-priority issues
• Support NIST 800-171 control implementation, evidence collection, and audit readiness activities
• Maintain accurate documentation of security controls, risks, exceptions, and remediation progress
• Support enterprise-grade security monitoring and incident response by leveraging centralized logging, alerting, and detection capabilities to identify, investigate, and respond to security events across the environment
• Assist with security monitoring, alert triage, investigation, and incident response activities
• Partner with Engineering, Platform, and IT teams to improve security processes without creating unnecessary friction
• Contribute to repeatable DevSecOps practices across teams

Skills

• 5+ years of experience in security engineering, cloud security, application security, DevSecOps, or related roles
• Strong hands-on experience with AWS security concepts and services
• Experience with IAM, logging, monitoring, networking, and cloud security best practices
• Experience with vulnerability management workflows and remediation tracking
• Familiarity with application security tooling such as SAST, SCA, DAST, SBOM, and container scanning
• Experience working with CI/CD pipelines and secure software delivery practices
• Experience with enterprise security monitoring and incident response, including centralized logging, alerting, and investigation of security events
• Ability to work directly with engineering teams to resolve security findings
• Strong documentation, tracking, and follow-through skills
• Highly self-motivated, practical, and able to operate in a fast-moving startup environment
• Strong team player with demonstrated ability to take ownership and drive execution
• Experience with NIST 800-171 or similar security/compliance frameworks
• Experience with Drata or similar GRC platforms
• Experience with Snyk or similar application security platforms
• Experience with Jira or similar tools for vulnerability tracking and exception management
• Experience with Kubernetes, container security, or cloud-native infrastructure
• Security certifications such as CISSP, CCSP, AWS Security Specialty, GSEC, GCIH, or similar are a plus

Benefits

• Employee options
• Health insurance: Medical, Vision, Dental
• Flexible time off
• Maternity, Paternity & Parental Leave
• 401K Matching

Company Overview