Senior Security Engineer

Summary

Join LastPass as a Senior Security Engineer and play a key role in securing our infrastructure. You will leverage Terraform, automation tools, and security best practices to shape and secure our infrastructure. Collaborate with Security Engineers, Software Engineers, Site Reliability Engineers, Platform and Cloud Teams, and Compliance and Governance Teams. Work on exciting challenges such as Infrastructure as Code (IaC) at scale, security-first engineering, observability and incident response, CI/CD and automation, performance and reliability, and resilience and disaster recovery. LastPass offers a remote-first culture, competitive compensation, flexible PTO, generous parental leave, comprehensive health coverage, and continuous learning opportunities.

Requirements

• Expert knowledge and experience with Continuous Integration and Continuous Delivery (CI/CD) processes and technologies
• SIEM/SOAR security tooling
• Hands-on expertise with security tools such as Akamai, Datadog, Splunk, or similar SIEM and SOAR tools
• Infrastructure-as-Code mindset with a focus on Terraform
• Ability to design and implement solutions that follow security industry best practices, standards, and compliance frameworks
• Capability to drive playbook creation and automation in a code or low-code environment
• Threat-hunting skills through event and log analysis
• A collaborative, team-oriented mindset with a can-do attitude
• Strong ability to communicate effectively with stakeholders from diverse technical backgrounds within LastPass
• Excellent written and verbal communication skills in English

Responsibilities

• Manage and scale Terraform to automate and efficiently manage our IaC platforms
• Strengthen IaC and automation security monitoring by leveraging a comprehensive suite of tools and integrations
• Enhance real-time monitoring and alerting using tools like Datadog, Splunk, Akamai, and other SIEM/SOAR tools to detect and mitigate threats proactively
• Build and refine CI/CD pipelines to ensure secure, automated deployments across a global SaaS platform
• Optimize detection services for better performance, fault tolerance, and cost efficiency
• Design and implement detection strategies, response mechanisms, and security playbooks to ensure high resilience and disaster recovery capabilities

Preferred Qualifications

• Experience with compliance frameworks such as SOC 2, ISO 27001, or NIST
• Knowledge of WAFs, API security, and threat intelligence platforms

Benefits

• Competitive compensation
• Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
• Generous parental leave
• Comprehensive health coverage, including dependents
• Home office setup support
• LastPass Families free account for up to 5 members
• Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
• Peer-to-peer recognition through Motivosity
• Employee Assistance Program for well-being support
• Remote work stipend to support your home office needs
• Short-Term or Remote-Centric Work Arrangements for added flexibility