Senior Product Security Engineer

Summary

Join Monte Carlo as a Product Security Engineer to lead security engineering efforts in a cloud-first environment. Maintain and enhance the vulnerability management program, develop security automation, and manage security alerting/reporting. Actively participate in new features and code reviews to support the Engineering team. This role requires in-depth knowledge of AWS security, secure Python development, and security automation, along with strong DevSecOps experience. Familiarity with AI tools and their security implications is a plus. The position offers a competitive salary, benefits, and equity package.

Requirements

• In-depth knowledge of AWS security
• A strong background in secure Python development and security automation
• Hands-on DevSecOps experience embedded in infrastructure-level systems, including Terraform repositories
• Experience with SIEM tools such as Splunk, Panther, or Datadog
• A strong sense of ownership, a bias for action, and a collaborative mindset
• Excellent communication skills and a strategic approach to solving security challenges

Responsibilities

• Leading security engineering in a cloud-native environment
• Driving secure practices across our infrastructure and Terraform-as-Code workflows
• Enhancing and maintaining our vulnerability management program
• Developing and maintaining scalable security automation
• Managing security alerting and reporting systems
• Participating in code reviews and engineering collaboration to drive secure-by-design thinking

Preferred Qualifications

• Familiarity with AI tools and security in ML/AI environments
• Security experience in GCP or Azure
• Experience managing a Vulnerability Management program
• Familiarity with SCA tooling (GitHub Advanced Security, Orca, Wiz, etc)
• Understanding of SOC 2, ISO 27001, and/or NIST 800-53 compliance frameworks
• Red/Blue/Purple team experience for supporting 3rd-party pentest scoping

Benefits

• Competitive salary
• Benefits
• Equity package