Platform Security Engineer

We are seeking a Platform Security Engineer to join our Information Security team and help evolve our security program to the next level. This individual will primarily focus on platform and cloud security initiatives—particularly within AWS—while also having the flexibility to rotate through other security domains according to interest, skills, and organizational needs. You’ll work closely with Engineering, DevOps, and our managed security service provider to secure our infrastructure, CI/CD pipelines, and platform architecture. You’ll report directly to our Sr. Manager of Information Security, joining a small but mighty InfoSec team.

What You’ll Achieve

• Secure Our Cloud Environment
• Collaborate with Engineering and DevOps to design and maintain secure AWS (or other cloud service provider) architectures.
• Identify potential cloud configuration and infrastructure vulnerabilities, implement changes via Infrastructure-as-Code (IaC) merge requests, and ensure compliance with industry best practices.
• Drive Cloud Security & Standards Management
• Lead vulnerability and configuration management for cloud resources, continuously improving security standards and compliance automation.
• Collaborate with developers and DevOps to ensure secure designs, threat modeling, and best practices across the stack.
• Mature CI/CD Pipeline Security
• Secure our self-hosted and/or managed CI/CD toolchains, applying best practices for secrets management, code integrity checks, and artifact security.
• Integrate automated security testing and scanning tools into the pipeline to identify and remediate vulnerabilities early.
• Reporting & Remediation
• Track and communicate cloud security posture, highlighting progress on remediations, threat mitigation, and overall compliance posture.
• Participate in on-call escalation for high-severity alerts (supported by a managed service provider for Level 1 triage).
• Contribute Across the Security Program
• Rotate through different InfoSec areas (e.g., incident response, policy and governance, enterprise security) as needed or based on interest.
• Champion modern security practices across teams, providing training, documentation, and mentorship.

The Value You’d Add

• 4-7 Years of Relevant Experience
• Prior roles in security engineering, DevOps, IT, or software development. We are also open to non-security professionals interested in transitioning into a dedicated security role.
• Cloud & Infrastructure Security Expertise
• Hands-on experience with AWS (or other cloud providers), including provisioning, configuration, and administrative skills.
• Familiarity with Infrastructure-as-Code tools (e.g., Terraform, AWS CloudFormation, Ansible) and best practices for secure deployments.
• Knowledge of containerization (Docker) and container orchestration (Kubernetes) security, focusing on identifying and applying best practices for secure image creation and cluster configuration.
• Cloud Identity & Access Management Background
• Background with cloud IAM services, including managing roles, permissions, policies, and secure access practices.
• CI/CD & Automation Know-How
• Understanding of CI/CD pipelines, common toolchains (GitLab CI, Jenkins, CircleCI, etc.), and methods to embed security checks.
• Ability to write and troubleshoot scripts or automation to streamline security processes.
• Broad Security Knowledge
• Awareness of security threats, controls, and frameworks (e.g., OWASP, CIS Benchmarks, NIST) and how they apply to cloud and application environments, along with familiarity in participating in SOC2 and ISO27001 auditing.
• Experience or willingness to get hands-on with application security, bug bounties, or red-team engagements, as well as other aspects of the security program including endpoint security, security awareness, and go-to-market activities, a plus.
• Collaborative & Communicative
• Strong interpersonal and communication skills, able to translate complex security issues to non-technical stakeholders.
• Passion for sharing research, writing documentation, and presenting learnings to the technical community.
• On-Call Readiness
• Willingness to participate in an on-call schedule for escalated alerts in partnership with our managed security service provider.

At LogicGate, our People are the foundation of everything we do - for our teams, our customers, and the Company. We are proud to offer competitive, inclusive, and comprehensive total rewards packages. 

The anticipated base salary range for the role is $125,000 - $150,000 per year + variable + equity + benefits. Actual salaries may vary and will be based on factors, such as the candidate's qualifications, skills, competencies, and proficiency for the role. Internal candidates who have current pay within or above the hiring range are still encouraged to apply if interested.

LogicGate has an outcomes-first culture that provides a variety of benefits and perks that enable our teams to thrive, both inside and outside of the workplace. These include competitive variable plans, equity grants, paid time-off, ongoing learning stipend, paid parental leave, 401k matching, health, vision, and dental insurance, accident and life insurance.

Total Rewards 

Our Total Rewards Package is designed to support you both at work and outside of it. In addition to offering competitive salary, variable compensation (bonus), equity, and health and wellness benefits, we are proud to offer generous PTO, 12 Annual Company Holidays, Summer and Winter Fridays, and Health Days, allowing you time to recharge and relax. We are focused on and invested in career development and learning opportunities including access to LinkedIn Learning, regular People Leader training, our internal Mentorship Program, and annual learning & development Program.

Our Culture

DEIB is a priority for us at LogicGate - it is at the foundation of all of our core People programs, activities, and business practices.  We encourage everyone to join one of our Employee Resource Groups (AAPI @ LogicGate, Pride at LogicGate, and Women in LogicGate) to participate in and contribute to conversations that foster a culture of belonging. 

LogicGate also believes strongly in giving back to the communities in which we live and work. We support our teams through this by offering volunteer hours as well as Company-wide charitable activities supporting organizations aligned with our Company Core Values.

Excited about LogicGate but not familiar with GRC? That’s ok — a lot of us weren’t familiar with GRC when we started, too. Unless the job description specifically requires previous GRC familiarity, here’s what you need to know:

• GRC stands for Governance, Risk, and Compliance
• GRC professionals help their companies manage uncertainty, act with integrity, and stay on the right side of the law. 
• GRC is a huge market and growing fast. It’s a $35 billion industry today, and predicted to grow to $64 billion by 2025. A lot of opportunity!

At LogicGate, our People are the foundation of everything we do - for our teams, our customers, and the Company. We are proud to offer competitive, inclusive, and comprehensive total rewards packages.