Greenlight

Senior Security Engineer, SecOps

hybrid senior full-time Bengaluru

First indexed 17 Apr 2026

Description

At Greenlight, we believe every child should have the opportunity to become financially healthy and happy. Our Security Operations team safeguards our mission-critical fintech infrastructure through advanced threat detection, innovative internally built AI tooling, comprehensive incident response, and strategic security architecture.

As a Senior Security Engineer, you will be a hands-on practitioner responsible for detecting, investigating, and responding to security threats across our cloud-native platform. You'll play a critical role in our day-to-day security operations: triaging alerts, leading incident investigations, managing vulnerabilities, and continuously improving our detection capabilities.

This role is ideal for someone with strong security analyst fundamentals who is eager to grow their engineering skills and contribute to building and improving security tooling over time. You will collaborate closely with engineering, infrastructure, and product teams to ensure security is woven into everything we build.

Responsibilities

  • Serve as a frontline responder for security incidents: triage alerts, lead investigations, coordinate cross-functional response efforts, and drive post-incident reviews and remediation
  • Monitor and tune security tooling and detection rules to identify threats across our cloud infrastructure and applications; reduce false positives and improve signal quality
  • Perform proactive threat hunting to identify attack patterns, anomalous behavior, and gaps in detection coverage
  • Support and maintain security controls across our AWS environment, including monitoring for misconfigurations, access issues, and infrastructure risks
  • Contribute to building and improving security automation, scripts, and internal tooling to reduce manual overhead and enhance operational efficiency; grow into deeper engineering contributions over time
  • Own the enterprise vulnerability management program, establishing risk-based prioritization frameworks and driving organization-wide remediation strategies
  • Spearhead AI/ML integration and automation initiatives to transform security operations, reduce manual overhead, and enhance detection capabilities
  • Assist with and contribute to AI-driven security initiatives and automation efforts within the team
  • Support ongoing security compliance, audit, and certification programs (e.g., PCI, SOC2)
  • Work closely with engineering, infrastructure, and product teams to provide security guidance and support security-by-design practices
  • Participate in team knowledge sharing, document runbooks and playbooks, and contribute to continuous improvement of SecOps processes
  • Participate in on-call rotation and serve as a first responder to security event escalations

Requirements

  • 6+ years of experience in security operations, incident response, or a security analyst role, preferably in cloud-centric environments
  • Strong hands-on experience with incident response and investigation: alert triage, forensic analysis, root cause determination, and remediation
  • Solid understanding of common attack vectors, threat intelligence fundamentals, and attacker tactics, techniques, and procedures (TTPs)
  • Working knowledge of cloud security fundamentals (AWS): IAM, VPC, CloudTrail, GuardDuty, Security Hub, or equivalent services
  • Familiarity with TCP/IP protocols, network analysis, and common network/security tooling (SIEM, EDR, IDS/IPS)
  • Demonstrated ability to identify exploits, vulnerabilities, and misconfigurations and drive remediation in cloud and server environments
  • Growth mindset: genuine interest in developing engineering skills (scripting, automation, tooling) and growing beyond a pure analyst role
  • Ability to participate in an on-call rotation and respond to security event escalations
  • Team player, comfortable collaborating across India and US teams (primarily PST timezone)

Nice to Have

  • Experience with scripting languages (Python, PowerShell, etc.)
  • Experience with public cloud security (AWS, Azure, GCP)
  • Red/Blue team experience
  • Security certifications (e.g., CISSP, Security+, CEH, GIAC)
This listing is enriched and indexed by YubHub. To apply, use the employer's original posting: https://jobs.lever.co/greenlight/fb069667-f056-4648-9fc7-0f20c6ace815