Security Engineer at Bastion

Job Description

Key Responsibilities

• Architect, design, and implement security measures into the Bastion infrastructure across all backend and frontend services, ensuring alignment with enterprise security standards and regulatory requirements.
• Build and maintain resilient security services and infrastructure operating within the Bastion platform, including developing automated security protocols and implementing fail-safe mechanisms.
• Define, socialize, and uphold the Bastion threat model and security posture across all surfaces of the platform, conducting regular risk assessments and updating security strategies accordingly.
• Ensure customers are kept safe by implementing end-to-end monitoring, analysis, and incident response measures, including establishing real-time threat detection systems and coordinating with incident response teams.
• Educate and train the broader Bastion team on security best practices, including organizing regular security workshops, creating training materials, and fostering a culture of security awareness.
• Lead and orchestrate third-party security audits of the Bastion codebase and infrastructure, ensuring the delivery of comprehensive reports suitable for customer consumption and stakeholder review.

Job Requirements

• Proven experience in designing and implementing security solutions for cloud-based platforms, with a strong understanding of security architecture principles and best practices.
• Expertise in threat modeling, security risk assessment, and maintaining a strong security posture across distributed systems and APIs.
• Ability to lead cross-functional teams in security initiatives, including collaborating with developers, DevOps engineers, and compliance officers to ensure security integration at all stages of the development lifecycle.
• Strong knowledge of security monitoring tools, incident response frameworks, and data protection regulations such as GDPR, HIPAA, or SOC2.
• Experience with third-party security audits, including coordinating with external auditors, interpreting audit findings, and implementing remediation plans.
• Excellent communication skills to translate complex security concepts into actionable strategies for both technical teams and non-technical stakeholders.
• Proficiency in programming languages such as Python, Go, or Java, and familiarity with security frameworks like OAuth2, OpenID Connect, or TLS/SSL protocols.
• Ability to document security processes, create technical specifications, and maintain audit trails for compliance and transparency purposes.
• Strong problem-solving skills to identify and mitigate security vulnerabilities, including conducting penetration testing and vulnerability assessments.
• Knowledge of cloud security services (e.g., AWS Security, Azure Security Center) and infrastructure protection techniques to safeguard against unauthorized access and data breaches.