Senior Security Engineer | Onsite - New York

DUE TO FEDERAL REGULATIONS, CANDIDATES MUST BE U.S. CITIZENS

Berkley Hunt has partnered with an innovative, mission-driven company focused on transforming American manufacturing. They are building cutting-edge tools that modernize how manufacturers operate by automating work instruction creation and bridging the gap between engineering and manufacturing. Their platform streamlines production efficiency in industries requiring precision and high standards, and they are looking for a Senior Security Engineer to join their team and help safeguard their infrastructure and applications.

Responsibilities:

• Design Next-Gen Security: Create and implement security frameworks that incorporate Zero-Trust principles and automation.
• Enhance Cloud Security: Apply IAM best practices and utilize AWS tools (Identity Center, GuardDuty, Security Hub, Macie, and Inspector) to secure our cloud environment.
• Transform DevSecOps: Integrate security into CI/CD pipelines using GitHub Actions, Terraform, and Python, ensuring security is maintained at the pace of development.
• Drive Compliance: Lead and manage SOC 2, ISO 27001 (Stage 1/2), ITAR, and NIST 800-171/53 compliance efforts, ensuring CUI environments remain secure.
• Automate Security: Develop and implement security automation using Python to reduce manual effort and improve response time.
• Champion Security Across Teams: Work cross-functionally to embed security throughout all layers of technology, from infrastructure to application development.

Requirements:

• 5+ years of experience as a Security Engineer, Security Architect, or DevSecOps Engineer.
• Strong knowledge of compliance frameworks (SOC 2, ISO 27001, ITAR) and how to integrate them into existing security infrastructures.
• Extensive experience securing AWS environments, with expertise in advanced IAM, monitoring, and automation.
• Hands-on experience with SAST, DAST, CI/CD security, and vulnerability management.
• A DevSecOps advocate, with proficiency in Terraform and GitHub Actions.
• Strong Python skills for security automation and integration.
• Familiarity with Zero-Trust security models and cloud-native security architectures.

Nice to Have

• Experience working in a fast-paced startup environment.
• Familiarity with Compliance Automation Tools (Vanta, Drata).