Senior Security Engineer

Job Description

Ethos is seeking a Senior Security Engineer to join their Trust and Safety team. The company is dedicated to making life insurance accessible and convenient through technology and data science. Ethos's platform transforms the traditional life insurance process into a modern digital experience.

The Senior Security Engineer will be responsible for building security services and performing technical security risk assessments to support Ethos's main product. They will help architect and build internal security standards and frameworks, deploying security controls aligned with security principles like least privilege and zero-trust architecture.

The role involves:

• Designing, developing, and deploying security mechanisms.
• Building robust threat detection and monitoring workflows.
• Conducting threat modeling, design reviews, and security testing.
• Communicating risks to engineering staff.
• Partnering with DevOps to automate security controls.
• Leading the vulnerability management lifecycle.
• Participating in investigations and incident response.
• Assisting with compliance activities like SOC2.

Requirements:

• 5+ years of InfoSec experience.
• Familiarity with AWS cloud security and automation.
• Proficiency in threat modeling and security testing.
• Hands-on experience with CI/CD and DevOps tools.
• Experience in vulnerability/threat management.
• Experience with penetration tests/red team exercises.
• Expertise with event management/SIEM solutions.
• Able to come into San Francisco, CA office once a week

Ethos offers:

• Hybrid work environment