Senior Security Engineer

TripleTen is a service that empowers individuals regardless of their prior experience to embark on the exciting and challenging journey of mastering tech professions. Our bootcamps focus on training students in software engineering data science business intelligence analytics and QA engineering in a feasible and accessible way ultimately leading them to thrive in a new career.

Our mission is to ensure that every student has the opportunity to successfully master a new profession find their purpose and become a valuable member of the tech industry. TripleTen is a remote-first organization mirroring our students who complete our bootcamps in a remote environment.

As a Senior Security Engineer you will conduct security due diligence for all new vendors and SaaS solutions ensuring they meet baseline security requirements such as SSO 2FA and encryption while maintaining a live inventory and assessing third-party risks. Security at our company is owned by a tight two-person team. You and another seasoned engineer will work closely together splitting areas of responsibility collaborating on reviews and making joint decisions.

Vendor & SaaS Risk Management

• Lead security due-diligence for every new external service or software purchase.
• Maintain and evolve our baseline security requirements (2FA SSO encryption etc.).
• Maintain a living catalogue of third-party services and assess risks of data leakage.

Policies & Access Governance

• Develop and enforce policies for handling and protecting personal data (e.g. GDPR CCPA).
• Define and control access rules for systems processing sensitive or regulated data.
• Run periodic Access Reviews for critical and SOX-in-scope systems.
• Design and implement technical controls required for SOX IT audit.

Security Architecture & Audits

• Conduct security audits for new services and major architectural changes.
• Collaborate with engineers to identify and mitigate security issues early in the design phase.

Infrastructure & Tooling

• Manage CSPM operations via : configure dashboards tune alerts triage incidents.
• Drive implementation of SIEM and DLP systems (currently in progress).
• Maintain and monitor Google Workspace security policies.
• Operate and evolve device management via Kanji MDM.

• Fully remote and full-time collaboration with professional freedom and minimal micromanagement;
• Dynamic Team: Join a diverse global team with experience across tech ed-tech and various industries;
• We use digital tools like Miro Notion and Google Workspace for seamless collaboration;
• Impactful Work: Your efforts directly influence the success rates of students finding jobs post-graduation.

*At this time we are unable to offer H-1B L-1A/B sponsorship opportunities.

**This job description is not designed to contain a comprehensive listing of activities duties or responsibilities that are required. Nothing in this job description restricts managements right to assign or reassign duties and responsibilities at any time.

***TripleTen is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race color religion sex national origin age religion disability marital status sexual orientation gender identity/expression protected military/veteran status or any other legally protected factor.

Requirements :

• 5 years in Security Engineering or similar roles with at least 2 years at a senior/staff level.
• Strong knowledge of cloud infrastructure (AWS GCP or Azure) and SaaS tools.
• Hands-on experience with CSPM SIEM or DLP solutions.
• Familiarity with compliance frameworks like SOX ISO 27001 or SOC2.
• Ability to perform threat modeling and communicate risks and trade-offs clearly.
• Scripting or automation experience (Python Go Terraform) is a plus.
• Proficient in English.

Remote Work :

Yes

Employment Type :

Full-time