Senior Product Security Engineer

• Serve as a core member of the Cloud Security team with significant influence on the direction priorities and execution of the cloud security program.
• Own operate maintain and improve our FedRAMP cloud environment ensuring it meets high standards for security availability compliance and operational excellence.
• Design implement and maintain a secure scalable and resilient AWS cloud infrastructure covering both the cloud platform and the applications running on it.
• Build and improve security controls across cloud resources including networking compute storage logging monitoring and IAM.
• Lead the hardening of AWS environments and Kubernetes-based platforms applying security best practices and secure-by-default patterns.
• Drive the automation of security controls operational processes and compliance requirements to reduce manual effort and human error.
• Partner closely with SRE platform and engineering teams to ensure services are deployed and operated securely in highly regulated environments.
• Develop maintain and continuously improve incident response capabilities for cloud environments including detection containment investigation recovery and post-incident analysis.
• Respond to security incidents perform deep technical investigations and drive remediation and long-term corrective actions.
• Proactively identify and mitigate security risks through threat-informed assessments vulnerability management and continuous cloud security reviews including the use of tools such as CNAPP.
• Manage and improve security tooling and services such as SIEM EDR cloud-native security tooling and monitoring platforms while developing meaningful security and risk metrics.
• Contribute to the development and execution of our cloud security strategy balancing business needs engineering velocity and regulatory obligations.
• Collaborate with engineering teams to understand system designs guide secure architecture decisions and help solve complex technical security problems.
• Contribute to cloud security education and training for engineering teams helping raise the overall security maturity of the organization.
• Stay current on emerging cloud threats AWS security capabilities attacker techniques and industry best practices and translate that knowledge into practical improvements.

• 7+ years of hands-on experience designing building securing and operating cloud infrastructure on AWS including deep practical knowledge of AWS security services architecture patterns and operational best practices.
• Proven experience working in high-security and regulated cloud environments with strong familiarity with FedRAMP and SOC 2 requirements.
• Strong hands-on expertise with Kubernetes container security and modern infrastructure platforms.
• Strong experience with infrastructure as code and automation tooling such as Terraform/OpenTofu Terragrunt Ansible Crossplane Jenkins and GitHub Actions.
• Demonstrated ability to design and implement scalable security automation and DevSecOps practices.
• Strong experience in incident response security monitoring investigation and remediation in cloud-native environments.
• Deep understanding of IAM least privilege identity architecture and access control best practices in AWS.
• Strong knowledge of network security including segmentation firewalls VPNs intrusion detection and secure connectivity patterns in cloud environments.
• Experience managing and tuning security tools and platforms including SIEM EDR vulnerability management and cloud security posture tools.
• Excellent troubleshooting analytical and problem-solving skills with the ability to work through complex technical and operational challenges.
• Ability to operate with a high degree of ownership make sound technical decisions and drive initiatives from design through implementation and continuous improvement.
• Strong communication and collaboration skills with the ability to clearly explain technical security concepts to both technical and non-technical stakeholders.
• A proactive hands-on mindset and a strong commitment to building secure resilient and maintainable systems.
• Fluent in English written and spoken.

• Experience securing and operating FedRAMP-authorized or similarly regulated SaaS environments.
• Experience with additional cloud platforms such as Azure.
• Proficiency in Python or Golang; JavaScript/TypeScript is a plus.
• Knowledge of security standards and frameworks such as CIS Benchmarks NIST and ISO 27001.
• Experience influencing security architecture across multiple engineering teams and driving adoption of security best practices at scale.

• You are a senior-level engineer who enjoys taking on difficult technical problems and solving them pragmatically.
• You are comfortable owning critical security infrastructure and making decisions in complex fast-moving environments.
• You combine strong technical depth with sound judgment and a practical approach to risk reduction.
• You advocate for high security standards while enabling engineering teams to move effectively.
• You are curious adaptable and motivated by continuous improvement.

• Flexible Hours and unlimited vacation (employees have unlimited paid time off on top of the 15 days of holidays we offer) 11 company-paid holidays and 3 extra days for volunteering.
• Hybrid work model that balances office and remote work with structured onboarding to foster connections and team integration.
• Free access to professional training platforms to explore your interests and enhance your skills.
• Up to 16 weeks of paid leave for birthing parents/primary caregivers 6 weeks for secondary caregivers.
• Plan for the future with a 401(k) plan featuring up to 4% company matching contributions vesting immediately to grow your retirement savings.
• Bonuses for referring successful hires after three months of continuous employment.

What We Do

Nexthink is the global leader in digital employee experience management. Our platform empowers IT teams with real-time visibility analytics and automation to proactively detect and resolve issues across any application device or network—before they affect employees. By shifting IT from reactive problem-solving to continuous optimization Nexthink enables more than 1300 organizations to create productive seamless and satisfying digital workplaces for over 18 million employees worldwide.

Why Work With Us

With over 1200 employees across 5 continents Nexthink operates as One Team connecting collaborating and innovating to continuously grow. We call our employees ‘Nexthinkers’ and our commitment to diversity inclusion and equity is second to none. We currently have over 75 nationalities working with us from all cultures and backgrounds.

Gallery