All Open Positions

Security Engineer

Remote Full-Time Mid-Senior Security

About the Role

As a Security Engineer at CaeliCode, you'll lead our cybersecurity practice, protecting both our internal systems and our clients' cloud environments. You'll work across the full security spectrum: from proactive threat modeling and secret scanning to incident response and compliance.

This role has real ownership. You'll define security standards, build tooling, and work directly with engineering teams to embed security into every stage of the development lifecycle. If you believe security should be built in, not bolted on, this is your role.

What You'll Do

  • Design and implement cloud security architectures across AWS, Azure, and GCP
  • Build and maintain secret scanning and credential detection pipelines
  • Manage vulnerability assessment and remediation workflows
  • Set up and tune SIEM platforms for real-time threat detection and alerting
  • Conduct security audits, penetration testing, and architecture reviews
  • Develop incident response playbooks and lead incident investigations
  • Implement security automation: policy-as-code, automated compliance checks, guardrails
  • Contribute to our open-source security tools and help define best practices

What We're Looking For

  • 3+ years of experience in cybersecurity, cloud security, or security engineering
  • Strong knowledge of cloud security services (AWS GuardDuty, Azure Sentinel, GCP Security Command Center)
  • Experience with SIEM platforms (Splunk, Elastic SIEM, Sentinel, or similar)
  • Proficiency in at least one scripting language (Python, Go, or Bash)
  • Understanding of common attack vectors, OWASP Top 10, and MITRE ATT&CK framework
  • Experience with secret management tools (Vault, AWS Secrets Manager, etc.)
  • Familiarity with compliance frameworks (SOC 2, ISO 27001, CIS Benchmarks)

Nice to Have

  • Security certifications (CISSP, OSCP, AWS Security Specialty, etc.)
  • Experience with container security (Falco, Trivy, Aqua)
  • Knowledge of zero-trust architecture principles
  • Background in DevSecOps and shift-left security practices
  • Experience building security tooling or contributing to security open-source projects