Platform Security Engineer

Summary

Join LogicGate's Information Security team as a Platform Security Engineer and help enhance our security program. You will primarily focus on platform and cloud security initiatives within AWS, with opportunities to rotate through other security domains. Collaborate with Engineering, DevOps, and our managed security service provider to secure our infrastructure and platform architecture. This role reports to the Sr. Manager of Information Security. The ideal candidate will have 4-7 years of relevant experience in security engineering, DevOps, IT, or software development, along with cloud and infrastructure security expertise. LogicGate offers a competitive salary and benefits package.

Requirements

• 4-7 Years of Relevant Experience
• Prior roles in security engineering, DevOps, IT, or software development. We are also open to non-security professionals interested in transitioning into a dedicated security role
• Cloud & Infrastructure Security Expertise
• Hands-on experience with AWS (or other cloud providers), including provisioning, configuration, and administrative skills
• Familiarity with Infrastructure-as-Code tools (e.g., Terraform, AWS CloudFormation, Ansible) and best practices for secure deployments
• Knowledge of containerization (Docker) and container orchestration (Kubernetes) security, focusing on identifying and applying best practices for secure image creation and cluster configuration
• Cloud Identity & Access Management Background
• Background with cloud IAM services, including managing roles, permissions, policies, and secure access practices
• CI/CD & Automation Know-How
• Understanding of CI/CD pipelines, common toolchains (GitLab CI, Jenkins, CircleCI, etc.), and methods to embed security checks
• Ability to write and troubleshoot scripts or automation to streamline security processes
• Broad Security Knowledge
• Awareness of security threats, controls, and frameworks (e.g., OWASP, CIS Benchmarks, NIST) and how they apply to cloud and application environments, along with familiarity in participating in SOC2 and ISO27001 auditing
• Collaborative & Communicative
• Strong interpersonal and communication skills, able to translate complex security issues to non-technical stakeholders
• Passion for sharing research, writing documentation, and presenting learnings to the technical community
• On-Call Readiness
• Willingness to participate in an on-call schedule for escalated alerts in partnership with our managed security service provider

Responsibilities

• Secure Our Cloud Environment
• Collaborate with Engineering and DevOps to design and maintain secure AWS (or other cloud service provider) architectures
• Identify potential cloud configuration and infrastructure vulnerabilities, implement changes via Infrastructure-as-Code (IaC) merge requests, and ensure compliance with industry best practices
• Drive Cloud Security & Standards Management
• Lead vulnerability and configuration management for cloud resources, continuously improving security standards and compliance automation
• Collaborate with developers and DevOps to ensure secure designs, threat modeling, and best practices across the stack
• Mature CI/CD Pipeline Security
• Secure our self-hosted and/or managed CI/CD toolchains, applying best practices for secrets management, code integrity checks, and artifact security
• Integrate automated security testing and scanning tools into the pipeline to identify and remediate vulnerabilities early
• Reporting & Remediation
• Track and communicate cloud security posture, highlighting progress on remediations, threat mitigation, and overall compliance posture
• Participate in on-call escalation for high-severity alerts (supported by a managed service provider for Level 1 triage)
• Contribute Across the Security Program
• Rotate through different InfoSec areas (e.g., incident response, policy and governance, enterprise security) as needed or based on interest
• Champion modern security practices across teams, providing training, documentation, and mentorship

Preferred Qualifications

Experience or willingness to get hands-on with application security, bug bounties, or red-team engagements, as well as other aspects of the security program including endpoint security, security awareness, and go-to-market activities, a plus

Benefits

• The anticipated base salary range for the role is $125,000 - $150,000 per year + variable + equity + benefits
• Paid time-off
• Ongoing learning stipend
• Paid parental leave
• 401k matching
• Health, vision, and dental insurance
• Accident and life insurance
• Competitive variable plans
• Equity grants
• 12 Annual Company Holidays
• Summer and Winter Fridays
• Health Days
• Access to LinkedIn Learning
• Regular People Leader training
• Our internal Mentorship Program
• Annual learning & development Program