Senior Security Engineer (Infrastructure & Identity Security)
To see similar active jobs please follow this link: Remote System Administration jobs
PagerDuty is seeking a Senior Security Engineer (Infrastructure & Identity Security) to join our diverse, customer-focused team! As a Senior Security Engineer, you will be a key technical leader driving security initiatives across PagerDuty's SaaS offerings, with deep expertise in Identity and Access Management. While you'll spearhead our IAM modernization efforts and implement robust authentication patterns, you'll also be instrumental in maintaining our overall security posture through architecture reviews, threat modeling, and automated security solutions. We're looking for a security generalist who excels in IAM - someone who can tackle diverse security challenges across our infrastructure while bringing specialized knowledge in identity and access patterns. Since we own and operate what we build, you'll collaborate with 30+ engineering teams to implement secure, scalable solutions that enhance security while maintaining developer productivity. This is an exciting opportunity to not only revolutionize our IAM strategy but also contribute to the broader security landscape of our SaaS platform.
KEY RESPONSIBILITIES
Lead and implement comprehensive IAM strategy across cloud infrastructure
Work closely with Product Engineering teams and conduct architecture reviews and threat modeling sessions focusing on but not limited to identity and access patterns
Design and implement modern service-to-service authentication patterns using technologies such as IRSA (IAM Roles for Service Accounts) and pod identity
Develop and maintain a robust secrets management framework and strategy
Drive adoption of principle of least privilege across all services and applications
Design and implement automated workflows for access reviews and certification
Design and implement security controls for AWS cloud infrastructure and containerized environments
Develop metrics and monitoring for IAM-related security events and access patterns
Monitor and maintain security tooling supporting infrastructure security controls
Design and implement security automations and tool integrations
Develop automated vulnerability management workflows to drive timely remediation
Implement automated incident response playbooks
Additional Responsibilities:
Mentor and guide team members on security best practices and implementation approaches
Participate in our team's on-call rotation, triaging and addressing security issues as they arise.
Contribute to roadmap and annual planning discussions
BASIC QUALIFICATIONS
5+ years of experience as a full-stack Security Engineer in an AWS native, micro-service SaaS environment with focus on IAM.
Deep expertise in cloud security, particularly AWS services including but not limited to:
GuardDuty, CloudTrail, Config
IAM family, Secrets Manager, KMS
EKS, Service Mesh architectures
Strong expertise and experience implementing and managing identity providers, specifically Okta and/or Microsoft Entra at scale (1000+ users).
Strong understanding of zero trust principles and modern authentication patterns
Experience working with multiple development teams and technology stacks
5+ years experience leading technical security initiatives, with proven ability to scope ambiguous projects, break down complex work into actionable items, and successfully delegate responsibilities while maintaining project momentum
Proficiency with security tools:
Vulnerability Management & EDR: Wiz, Snyk, Qualys/Nessus, Crowdstrike
SIEM: SumoLogic or Splunk
Experience with Infrastructure as Code and CI/CD:
Terraform, Helm, Chef, Ansible, Buildkite, Jenkins, ArgoCD
4+ years of experience and proficiency in at least one programming language and framework (Python, Java, or similar)
Strong understanding of Threat Modeling principles
Experience with Security Incident Response & Risk Management
High appetite for challenging problems with a high degree of ownership.
PREFERRED QUALIFICATIONS
Hands-on experience implementing IAM solutions at scale
Experience working at a SaaS company larger than 1000 employees and 100M in revenue
Current or past experience with obtaining and maintaining FedRAMP authorization and other compliance frameworks (SOC 2, ISO 27001)
Strong problem-solving abilities with effective change management skills
Possesses a strong sense of ownership and a keen discernment for excellence in security systems within a SaaS environment, demonstrating the ability to distinguish what constitutes a truly robust and effective safeguarding infrastructure.
Demonstrated history of mentoring and coaching
Strong written and verbal communication skills
Working knowledge and experience with PagerDuty Incident Management and Process Automation products.
Familiarity with Corporate security needs and solutions, and ability to provide oversight and mentorship to the Corporate Security team to ensure alignment with CISO strategic initiatives and mandates.
The base salary range for this position is 176,000 - 281,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits.
Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.
Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.
The successful applicant will be performing work in FedRAMP environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.
About the job
Senior Security Engineer (Infrastructure & Identity Security)
To see similar active jobs please follow this link: Remote System Administration jobs
PagerDuty is seeking a Senior Security Engineer (Infrastructure & Identity Security) to join our diverse, customer-focused team! As a Senior Security Engineer, you will be a key technical leader driving security initiatives across PagerDuty's SaaS offerings, with deep expertise in Identity and Access Management. While you'll spearhead our IAM modernization efforts and implement robust authentication patterns, you'll also be instrumental in maintaining our overall security posture through architecture reviews, threat modeling, and automated security solutions. We're looking for a security generalist who excels in IAM - someone who can tackle diverse security challenges across our infrastructure while bringing specialized knowledge in identity and access patterns. Since we own and operate what we build, you'll collaborate with 30+ engineering teams to implement secure, scalable solutions that enhance security while maintaining developer productivity. This is an exciting opportunity to not only revolutionize our IAM strategy but also contribute to the broader security landscape of our SaaS platform.
KEY RESPONSIBILITIES
Lead and implement comprehensive IAM strategy across cloud infrastructure
Work closely with Product Engineering teams and conduct architecture reviews and threat modeling sessions focusing on but not limited to identity and access patterns
Design and implement modern service-to-service authentication patterns using technologies such as IRSA (IAM Roles for Service Accounts) and pod identity
Develop and maintain a robust secrets management framework and strategy
Drive adoption of principle of least privilege across all services and applications
Design and implement automated workflows for access reviews and certification
Design and implement security controls for AWS cloud infrastructure and containerized environments
Develop metrics and monitoring for IAM-related security events and access patterns
Monitor and maintain security tooling supporting infrastructure security controls
Design and implement security automations and tool integrations
Develop automated vulnerability management workflows to drive timely remediation
Implement automated incident response playbooks
Additional Responsibilities:
Mentor and guide team members on security best practices and implementation approaches
Participate in our team's on-call rotation, triaging and addressing security issues as they arise.
Contribute to roadmap and annual planning discussions
BASIC QUALIFICATIONS
5+ years of experience as a full-stack Security Engineer in an AWS native, micro-service SaaS environment with focus on IAM.
Deep expertise in cloud security, particularly AWS services including but not limited to:
GuardDuty, CloudTrail, Config
IAM family, Secrets Manager, KMS
EKS, Service Mesh architectures
Strong expertise and experience implementing and managing identity providers, specifically Okta and/or Microsoft Entra at scale (1000+ users).
Strong understanding of zero trust principles and modern authentication patterns
Experience working with multiple development teams and technology stacks
5+ years experience leading technical security initiatives, with proven ability to scope ambiguous projects, break down complex work into actionable items, and successfully delegate responsibilities while maintaining project momentum
Proficiency with security tools:
Vulnerability Management & EDR: Wiz, Snyk, Qualys/Nessus, Crowdstrike
SIEM: SumoLogic or Splunk
Experience with Infrastructure as Code and CI/CD:
Terraform, Helm, Chef, Ansible, Buildkite, Jenkins, ArgoCD
4+ years of experience and proficiency in at least one programming language and framework (Python, Java, or similar)
Strong understanding of Threat Modeling principles
Experience with Security Incident Response & Risk Management
High appetite for challenging problems with a high degree of ownership.
PREFERRED QUALIFICATIONS
Hands-on experience implementing IAM solutions at scale
Experience working at a SaaS company larger than 1000 employees and 100M in revenue
Current or past experience with obtaining and maintaining FedRAMP authorization and other compliance frameworks (SOC 2, ISO 27001)
Strong problem-solving abilities with effective change management skills
Possesses a strong sense of ownership and a keen discernment for excellence in security systems within a SaaS environment, demonstrating the ability to distinguish what constitutes a truly robust and effective safeguarding infrastructure.
Demonstrated history of mentoring and coaching
Strong written and verbal communication skills
Working knowledge and experience with PagerDuty Incident Management and Process Automation products.
Familiarity with Corporate security needs and solutions, and ability to provide oversight and mentorship to the Corporate Security team to ensure alignment with CISO strategic initiatives and mandates.
The base salary range for this position is 176,000 - 281,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits.
Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.
Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.
The successful applicant will be performing work in FedRAMP environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.