Sift is the AI-powered fraud platform securing digital trust for leading global businesses. As a Senior Security Engineer, you’ll design, implement, and operate security controls and tooling across Sift’s stack, working closely with various teams to secure systems end-to-end and mentor other engineers on secure practices.
Responsibilities:
- Design and implement security controls and tooling across Sift’s infrastructure and applications (e.g., IAM policies, network controls, secrets management, endpoint protections, container and workload security)
- Embed with product and platform teams to perform security design reviews, threat modeling, and code or configuration reviews for new features and services
- Improve the secure SDLC by integrating security scanning (SAST/DAST, dependency and container scanning) and AI-powered scanning tools into CI/CD, and by developing guardrails, templates, and best practices for engineers
- Own or co‑own vulnerability management workflows, from discovery and triage through remediation, including defining SLAs, coordinating with service owners, and tracking closure
- Develop automation (scripts, services, integrations) to detect misconfigurations, anomalous activity, or policy violations, and to reduce manual operational work for the security team
- Participate in security incident response (on‑call rotation or escalation), including investigation, containment, root cause analysis, and long‑term fixes
- Contribute to security documentation and standards, ensuring we have clear, actionable guidance for engineers on topics like authentication, authorization, data encryption, and key management
- Support audits and assessments (e.g., SOC 2, customer security questionnaires) by providing technical details and evidence of control design and effectiveness
- Mentor other engineers on secure design and implementation practices through pairing, reviews, training sessions, and written guidance
Requirements:
- 5+ years of experience in security engineering, infrastructure engineering, or application security, ideally in a B2B SaaS or cloud‑native environment
- Hands‑on experience with at least one major public cloud platform (e.g., GCP, AWS), including IAM, networking, logging/monitoring, and security services
- Strong proficiency in at least one programming or scripting language (e.g., Python, Go, Java, or similar) and experience using code to automate security controls or detection
- Direct experience with AI/LLM-specific security risks (prompt injection, model supply chain, etc.)
- Demonstrated knowledge of secure application and system design, including topics like authentication/authorization, encryption in transit and at rest, least‑privilege access, and secrets management
- Experience with security tooling such as vulnerability scanners, SAST/DAST tools, SIEM/centralized logging, endpoint protection, or cloud security posture management
- Solid understanding of common vulnerabilities and attack patterns (e.g., OWASP Top 10, misconfigurations, supply‑chain risks) and how to mitigate them in practice
- Ability to work cross‑functionally with engineering, IT, and compliance/legal teams, and to translate security requirements into practical implementation details
- Clear written and verbal communication skills, including the ability to document designs and decisions and to educate others on security best practices
- A collaborative, pragmatic approach: you're comfortable making risk‑based decisions, proposing options, and supporting teams in implementing secure, scalable solutions