Staff Security Engineer

Summary

Join Thirty Madison as a Staff Security Engineer and support the Head of Security Engineering in driving security initiatives. You will act as a subject matter expert for detection and response, design scalable security solutions, conduct threat research, and strengthen defense-in-depth strategies. Collaborate with cross-functional teams, lead security incident investigations, and mentor others. This role requires proven expertise in security incident response and cloud environments, strong collaboration skills, and leadership experience. Thirty Madison offers a competitive salary ($184,000 - $253,000), an annual incentive plan, stock options, robust benefits (medical, dental, vision, 401k), and stipends.

Requirements

• Proven expertise in security incident response and detection engineering, with a strong focus on cloud environments
• Ability to partner closely with the Head of Security to drive forward security initiatives and strategies
• Experience adopting an automation- and development-driven approach to implement security controls
• Strong skills in threat modeling and identifying security risks
• Establish and track key KPIs to ensure the security program remains robust, enabling data-driven decision-making
• Leadership experience in designing and executing security control strategies, driving iterative design, and taking ownership of security products
• Exceptional collaboration skills, with the ability to work seamlessly with diverse teams, including engineers, medical professionals, and external partners
• A proactive mindset with a strong drive to take ownership of issues and solve them independently in a fast-paced, evolving environment
• A passion for educating and evangelizing security best practices, backed by excellent written and verbal communication skills
• Several years of experience leading cross-functional initiatives, especially bridging security engineering with infrastructure teams, with a proven track record of delivering impactful projects that align with business objectives
• Familiarity with Kubernetes and microservices architectures
• Experience deploying and securing cloud services (e.g., AWS, Azure) with a deep understanding of cloud security principles
• Strong proficiency in scripting and programming languages (e.g., Python, Bash) for data analysis, automation, and tool development
• Hands-on experience with Terraform for infrastructure management and automation

Responsibilities

• Act as a hands-on subject matter expert (SME) for the Detection and Response program, while also taking ownership of broader security initiatives, including Enterprise Security and Product Security at Thirty Madison
• Design and implement scalable solutions and processes to proactively identify, address, and mitigate security vulnerabilities and risks
• Conduct research on emerging threats impacting Thirty Madison’s applications and infrastructure
• Strengthen defense-in-depth strategies by developing secure-by-default frameworks, architectures, and processes
• Provide mentorship and share security best practices across the organization
• Collaborate with cross-functional teams to ensure security efforts align with business objectives and integrate smoothly into existing workflows
• Lead investigations, containment, and remediation of security incidents, ensuring swift resolution
• Demonstrate strong leadership under pressure, making informed decisions in uncertain situations while coordinating efforts across teams to resolve issues effectively

Benefits

• Annual Incentive Plan + Stock Option Package
• Robust and affordable Medical, Dental, and Vision plan options
• 401(k) with a match, commuter benefits, and FSA
• Annual $750 vacation stipend and $500 happiness stipend
• Flexible time off policy