Junior Security Engineer

Position Summary

We are looking for a Junior Security Engineer who is eager to learn, grow, and help build secure and reliable systems. This role is ideal for someone with a foundational understanding of security principles, some hands-on coding experience, and a strong interest in developing skills across application, cloud, data, and network security. You’ll work alongside experienced engineers and gain exposure to modern technologies and real-world security practices.

What You'll Do

• Help develop and maintain engineering and data security policies and standards.
• Contribute to security awareness efforts across the organization.
• Support Engineering and Business teams in applying secure engineering practices.
• Assist with application security reviews and participate in security discussions.
• Learn how to integrate security into each stage of the software development lifecycle.
• Assist in configuring and analyzing security tools across cloud and on-prem environments.
• Support security testing, vulnerability analysis, and documentation.
• Participate in an on-call rotation with guidance and mentorship.
• Help develop incident response procedures and learn recovery strategies.

Required Qualifications

• 1–2 years of experience developing or deploying security technologies (internships and academic projects count).
• Familiarity with modern software development practices and CI/CD pipelines.
• Experience using vulnerability scanning tools (SAST, SCA, mobile scanning, API scanning) and handling basic remediation.
• Foundational understanding of public cloud platforms (AWS, Azure, or GCP) and core network security concepts.
• Exposure to Docker, Kubernetes, Security-as-Code, or Infrastructure-as-Code tools.
• Experience with at least one programming or scripting language (Java, Python, C#, JavaScript, Shell, PowerShell, etc.).
• Interest in data protection, encryption, and privacy regulations (GDPR, CCPA).

Preferred Qualifications

• Familiarity with cloud architecture concepts.
• Understanding of networking fundamentals and software-defined networking (SDN).
• Ability to read or create basic network, sequence, or data flow diagrams.
• Awareness of the OWASP Application Security Verification Standard (ASVS).
• Experience collaborating with remote or distributed teams.
• Knowledge of compliance frameworks such as HIPAA, HITRUST, PCI, NIST, or CSA.
• Exposure to security tools like GitHub Advanced Security, CodeQL, Checkmarx, or Snyk.
• Interest in building resilient, fault-tolerant systems in cloud environments.

Education

A Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required.

Key skills/competency

• Security Principles
• Vulnerability Analysis
• Cloud Platforms (AWS, Azure, GCP)
• CI/CD Pipelines
• Programming/Scripting (Python, Java)
• Data Protection
• Incident Response
• Application Security
• Network Security
• Security-as-Code