Compensation: For this principal development role, with 6+ years of experience, the compensation range is $5,000 - $9,500 USD per month (gross) . About the Role We are seeking a hands‑on, high‑impact Senior Security Infrastructure Engineer to strengthen Sezzle’s security posture across cloud infrastructure, applications, and developer workflows. This role is ideal for someone who thrives in a fast‑paced environment and wants to work on real‑world security problems at scale. What You’ll Do Lead and operate vulnerability management across infrastructure, platforms, and applications – including internal scans, dependency analysis, and external findings – validating true positives and driving remediation with engineering teams. Build, operate, and mature SIEM/XDR capabilities, including log ingestion, detection rule development, alert tuning, and investigation workflows. Investigate and respond to security incidents across cloud infrastructure and applications, performing root‑cause analysis and driving long‑term fixes. Design and implement detection strategies for suspicious activity, including data exfiltration patterns using application and database telemetry. Lead and contribute to threat modeling exercises and security design reviews to identify risks early and strengthen architecture. Apply deep expertise in AWS and Kubernetes to design, secure, and improve resilient and secure cloud infrastructure at scale. Drive infrastructure and CI/CD hardening initiatives, with a focus on reducing software and container supply‑chain risk. Lead efforts to implement and improve dependency and container supply‑chain risk detection systems and controls. Partner closely with engineering teams to remediate vulnerabilities and improve secure development and deployment practices. Support and implement security controls aligned with PCI DSS, SOC 2, and other compliance requirements. Develop and implement automation (including AI where appropriate) to improve efficiency in security operations, detection, and response. Triage and validate external security findings, distinguishing true positives and coordinating remediation. What We Look For 6+ years of experience in security, software, or infrastructure engineering, with hands‑on experience securing cloud‑based production systems and working with real‑world security challenges. Experience contributing to threat modeling and security design reviews for modern systems. Strong hands‑on experience in vulnerability management, including scanning, triage, validation, remediation coordination, and verification. Experience working with SIEM platforms (e.g., Wazuh, Splunk, ELK) for detection engineering, monitoring, and incident response. Practical experience triaging findings from vulnerability scanners and bug bounty programs. Strong knowledge of AWS, Linux, and Kubernetes infrastructure, including security architecture, hardening, and operational best practices. Experience improving infrastructure security, including CI/CD hardening and mitigating software supply‑chain risks. Experience with container and dependency security tools (e.g., Snyk, Trivy, Grype). Ability to investigate issues directly using logs, cloud tooling, and system‑level data. Knowledge of common security vulnerabilities and mitigation strategies (OWASP, SANS, etc.). Working knowledge of compliance frameworks such as PCI DSS and SOC 2. Preferred Knowledge and Skills Experience designing and tuning detection rules, reducing alert noise, and improving investigation workflows. Strong understanding of cloud‑native security controls, including IAM, network segmentation, and container security. Familiarity with log‑based detection, telemetry pipelines, and security analytics use cases. Experience designing secure CI/CD workflows that reduce exposure to vulnerable dependencies and untrusted artifacts. Ability to assess application and infrastructure risk and translate findings into actionable improvements. Experience aligning technical security work with regulatory and compliance expectations. Experience using automation and AI to reduce manual effort and improve consistency at scale. About You You think proactively about security and work to address risk early through clear design feedback and practical engineering solutions. You bring strong cloud and infrastructure judgment, especially in AWS and Kubernetes environments. You raise the bar on hardening and operational discipline, especially in CI/CD and supply‑chain security practices. You approach security monitoring with an investigator’s mindset and can turn telemetry into meaningful detection and response outcomes. You are excited to use automation and emerging technologies (including AI) to automate repetitive security work and improve team effectiveness. You balance strong security standards with business needs and can support privacy and compliance requirements in a practical, scalable way. You have relentlessly high standards – many people may think your standards are unreasonably high, but you continually raise the bar and drive others to deliver great results. You’re not bound by convention – your success lies in developing new ways to do things. You need action – speed matters in business. Many decisions and actions are reversible and do not need extensive study. You earn trust – you listen attentively, speak candidly, and treat others respectfully. You have backbone; disagree, then commit – you can respectfully challenge decisions when you disagree, even when uncomfortable. You deliver results – you focus on key inputs and deliver them with the right quality and in a timely fashion. Languages: Golang, Typescript, Python Frontend: Typescript – React and React Native Version Control: Git CI/CD: GitLab Testing: Developer and AI‑driven, focus on automated end‑to‑end, integration, and unit tests Open Source: Sezzle focuses on using open source and builds what we can before buying. #J-18808-Ljbffr