Security Engineer

Security Engineer

Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense.

About Us

The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching. Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners ("Vista"), General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures.

Role Overview

We are seeking a forward-thinking Security Engineer to join our team, focusing on SecOps for the cloud architecture supporting the product. In this role, you will operate across a complex, multi-cloud environment (AWS & GCP) comprising both traditional VMs and modern managed and unmanaged container-based architectures.

Key Responsibilities

• Multi-Cloud Governance (AWS & GCP): Deploy and manage Cloud Security Posture Management (CSPM) tools to automatically detect and remediate misconfigurations across both providers.
• Container Security Lifecycle: Implement Cloud Native Application Protection Platform (CNAPP) strategies by shifting left and integrating container image scanning directly into Jenkins and GitLab pipelines.

As part of a lean team, your primary focus will be on the aggressive automation of security processes. You will be responsible for deploying, integrating, and monitoring Jenkins and GitLab pipelines to ensure that "Security as Code" scales seamlessly alongside our infrastructure. This includes the strategic deployment and management of CSPM, CNAPP, and CWPP tools to act as a force multiplier for the team. Your operational cadence must be built on speed and automation over manual triage. Success requires you to continuously tune alerting to ensure high-fidelity signals, reduce alert fatigue, and build automated response workflows. Ultimately, you will conduct rigorous infrastructure reviews to ensure that cloud configurations, IAM policies, and orchestration layers meet our security baselines while maintaining rapid release velocity.