Infrastructure Security Engineer

Security Engineer

Mission Summary

Securely accelerate engineering. As a Security Engineer at Observe, your mission is to design and deliver controls, automations, and processes that enable teams to move faster with confidence. Your success is measured by how much safer and more efficiently others can build, ship, and operate software because of the guardrails, detections, and practices you establish.

About The Job

At Observe, we’re building next-generation systems in a high-growth environment. As a Security Engineer, you will focus on one primary goal: improving security outcomes without adding friction. You will shape identity and access patterns, strengthen detection/response, streamline vulnerability and configuration management, and make audit readiness a natural output of daily operations.

You’ll collaborate closely with IT and Infrastructure to translate security requirements into clear standards, automation, and documentation—so developers focus on solving complex problems, not wrestling with security hurdles. You will manage priorities, deadlines, and deliverables across teams, lead design and playbook reviews, and champion simple, scalable practices that raise the bar for engineering excellence.

Responsibilities

• GRC Enablement
• Map operating controls to automated evidence (access reviews, backup verification, change control, patch SLOs).
• Support third-party assessments, penetration-test scoping, and regression validation; contribute to SOC 2/ISO 27001 readiness.
• Identity & Access Management
• Design and maintain least-privilege models, just-in-time/step-up patterns, break-glass controls, and periodic access reviews.
• Publish clear access standards and reporting that improve visibility for engineering leadership and auditors.
• Detections & Monitoring
• Define, implement, and tune a ruleset for high-value scenarios (e.g., authentication anomalies, risky configuration changes, suspected key/role misuse, public exposure).
• Reduce false positives with context and suppression; maintain coverage and efficacy dashboards.
• Incident Response
• Author and own playbooks for top scenarios (credential theft, exposed secrets, suspicious data access, privilege escalation).
• Run tabletops with IT and Infrastructure; lead post-incident reviews and drive corrective actions with clear owners and timelines.
• Vulnerability & Configuration Management
• Improve signal quality, deduplication, ownership routing, and SLAs for findings across services and environments.
• Partner with Infrastructure on remediation plans, patching objectives, baseline configurations, account/landing-zone structure, and segmentation.
• Documentation & Education
• Maintain standards, runbooks, and quick-start guides that improve onboarding and day-to-day productivity.
• Lead reviews that balance near-term risk reduction with long-term architectural goals.
  

Minimum Qualifications

• Bachelor’s degree or equivalent practical experience.
• 3 years in security engineering or networking or a blended role across IAM, detections/monitoring, incident response, vulnerability/configuration management, and GRC.
• Strong understanding of identity models, least privilege, and access review processes across cloud and SaaS environments.
• Experience writing clear runbooks/playbooks and partnering with IT/Infrastructure to operationalize changes.
• Familiarity with cloud security fundamentals, CI/CD concepts, and infrastructure-as-code principles.
• Ability to translate risk into prioritized, incremental improvements with measurable outcomes.
  
  

Preferred Qualifications

• Demonstrated reduction of alert noise and duplicate findings through rule tuning, routing, and suppression.
• Proven implementation of just-in-time administrative access, break-glass pathways, and periodic access reviews.
• Experience orchestrating incident response and delivering durable, engineering-owned remediations.
• Hands-on alignment of operations with SOC 2/ISO 27001 and automation of evidence collection.