Senior Security Engineer IV - Infrastructure And Automation

Summary

Join PagerDuty as a Senior Security Engineer and become a key technical leader driving security initiatives across our SaaS offerings. You will spearhead IAM modernization, implement robust authentication, and maintain our security posture through architecture reviews and automated solutions. Collaborate with engineering teams to implement secure, scalable solutions. This role requires deep expertise in IAM and cloud security, particularly AWS services. We offer a competitive salary, comprehensive benefits, flexible work arrangements, and generous paid time off.

Requirements

• 5+ years of experience as a full-stack Security Engineer in an AWS native, micro-service SaaS environment with focus on IAM
• Deep expertise in cloud security, particularly AWS services including but not limited to: GuardDuty, CloudTrail, Config, IAM family, Secrets Manager, KMS, EKS, Service Mesh architectures
• Strong expertise and experience implementing and managing identity providers, specifically Okta and/or Microsoft Entra at scale (1000+ users)
• Strong understanding of zero trust principles and modern authentication patterns
• Experience working with multiple development teams and technology stacks
• 5+ years experience leading technical security initiatives, with proven ability to scope ambiguous projects, break down complex work into actionable items, and successfully delegate responsibilities while maintaining project momentum
• Proficiency with security tools: Vulnerability Management & EDR: Wiz, Snyk, Qualys/Nessus, Crowdstrike, SIEM: SumoLogic or Splunk
• Experience with Infrastructure as Code and CI/CD: Terraform, Helm, Chef, Ansible, Buildkite, Jenkins, ArgoCD
• 4+ years of experience and proficiency in at least one programming language and framework (Python, Java, or similar)
• Strong understanding of Threat Modeling principles
• Experience with Security Incident Response & Risk Management
• High appetite for challenging problems with a high degree of ownership

Responsibilities

• Lead and implement comprehensive IAM strategy across cloud infrastructure
• Work closely with Product Engineering teams and conduct architecture reviews and threat modeling sessions focusing on but not limited to identity and access patterns
• Design and implement modern service-to-service authentication patterns using technologies such as IRSA (IAM Roles for Service Accounts) and pod identity
• Develop and maintain a robust secrets management framework and strategy
• Drive adoption of principle of least privilege across all services and applications
• Design and implement automated workflows for access reviews and certification
• Design and implement security controls for AWS cloud infrastructure and containerized environments
• Develop metrics and monitoring for IAM-related security events and access patterns
• Monitor and maintain security tooling supporting infrastructure security controls
• Design and implement security automations and tool integrations
• Develop automated vulnerability management workflows to drive timely remediation
• Implement automated incident response playbooks
• Mentor and guide team members on security best practices and implementation approaches
• Participate in our team's on-call rotation, triaging and addressing security issues as they arise
• Contribute to roadmap and annual planning discussions

Preferred Qualifications

• Hands-on experience implementing IAM solutions at scale
• Experience working at a SaaS company larger than 1000 employees and 100M in revenue
• Current or past experience with obtaining and maintaining FedRAMP authorization and other compliance frameworks (SOC 2, ISO 27001)
• Strong problem-solving abilities with effective change management skills
• Possesses a strong sense of ownership and a keen discernment for excellence in security systems within a SaaS environment, demonstrating the ability to distinguish what constitutes a truly robust and effective safeguarding infrastructure
• Demonstrated history of mentoring and coaching
• Strong written and verbal communication skills
• Working knowledge and experience with PagerDuty Incident Management and Process Automation products
• Familiarity with Corporate security needs and solutions, and ability to provide oversight and mentorship to the Corporate Security team to ensure alignment with CISO strategic initiatives and mandates

Benefits

• Competitive salary
• Comprehensive benefits package from day one
• Flexible work arrangements
• Generous paid vacation time
• Paid holidays and sick leave
• Dutonian Wellness Days - scheduled company-wide paid days off in addition to PTO
• Company equity*
• ESPP (Employee Stock Purchase Program)*
• Retirement or pension plan*
• Paid parental leave - up to 22 weeks for pregnant parent, up to 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)*
• HibernationDuty - an annual company paid week off when everyone at PagerDuty, with the exception of a small, coverage crew, is asked to take a much needed break to truly disconnect and recharge
• Paid volunteer time off - 20 hours per year
• Company-wide hack weeks
• Mental wellness programs