Senior Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Contentful · 5 hours ago

Senior Security Engineer

positionDenver, CO
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
money$174K/yr - $212K/yr
date8+ years exp

Contentful is a leading digital experience platform that helps modern businesses meet the growing demand for engaging, personalized content at scale. They are seeking a committed and driven Senior Security Engineer to lead and shape security initiatives across their cloud-native product infrastructure and corporate environments, focusing on managing alerts, operations, and continuous improvement of security programs.

Cloud ComputingCMSContentDeveloper ToolsPublishingSaaSSoftware
check
H1B Sponsor Likelynote

Responsibilities

Lead initiatives, drive cross-functional prioritization, and partner on execution to advance security efforts across the organization
Proactively identify, prioritization, and lead complex security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to drive measurable risk reduction
Support vulnerability management efforts while advancing the program by identifying systemic gaps, expanding coverage, automating workflows, and partnering with cross functional teams to prioritize and drive scalable remediation
Identify deficiencies, architect, and build scalable security solutions to improve coverage, efficiency, and resilience across security disciplines
Develop and maintain scalable hardening standards and monitoring mechanism, leading adoption and long term integration across the organization
Lead and contribute to incident investigations by executing established processes, conducting independent analysis, and coordinating effective response and remediation efforts
Design and maintain robust detection and response capabilities for cloud and container environments
Stay current on emerging threats, vulnerabilities, and attacker tactics, translating insights into actionable strategies
Mentor and guide others, fostering a culture of security awareness and best practices
Support security compliance maintenance through control ownership, automated maintenance, and enable technical teams by translating requirements into practical, actionable solutions
Communicate complex and technical concepts clearly to leadership and stakeholders
Collaborative, open to diverse opinions, and can give reasons for your technical decisions
Excited to work with and learn from other engineers
Experience with backend and frontend technologies, including frameworks like React. Knowledge of Node.js is a plus, and TypeScript experience is highly desirable
A passion for learning and experimentation
A builder mentality and desire to deliver

Qualification

Security EngineeringAWSGCPCloudflarePythonCI/CD PipelinesKubernetesTerraformVulnerability ManagementIncident ResponseOAuthSAMLJWTNetworkingOWASP Top 10SOC 2ISO 27001API IntegrationJavascriptGoReactTypeScriptProblem-solvingCommunication

Required

8+ years of security engineering, DevSecops, or equivalent experience
Expertise with AWS, GCP, and Cloudflare architecture, services, and security features
Design, implement, and maintain secure CI/CD pipelines by integrating automated security controls such as SAST, DAST, dependency vulnerability scanning, and secrets management
Proven experience designing and implementing security architecture aligned with business and technical strategies across cloud and application environments
Mastery in Python to build and maintain security tools
Exposure to Javascript and Go with the ability to perform security code reviews
Deep knowledge securing Kubernetes clusters and containers, including configuration and runtime protection
Hands-on experience using Terraform and other infrastructure-as-code tools to maintain integrity in cloud environments
Demonstrated success driving vulnerability management, threat modeling, and incident response at scale
Proficiency with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM) to secure identity and access management
Strong foundational networking expertise including cloud networking architectures, OSI model, TCP/IP protocols, routing, and firewall concepts
Deep expertise in OWASP Top 10 and other application security frameworks, with proven success driving secure development practices and assessments
Working knowledge of applying compliance frameworks controls including SOC 2 and ISO 27001
Excellent problem-solving skills and ability to influence security strategy across teams
Clear and effective communication skills
Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences
Practical experience integrating multiple systems through APIs and parsing, normalizing, and integrating complex datasets between integrated systems

Preferred

Experience with backend and frontend technologies, including frameworks like React. Knowledge of Node.js is a plus, and TypeScript experience is highly desirable
A passion for learning and experimentation
A builder mentality and desire to deliver
Collaborative, open to diverse opinions, and can give reasons for your technical decisions
Excited to work with and learn from other engineers

Benefits

Stock Options for the opportunity to share in the success of our company
Comprehensive healthcare package covering 100% of monthly health premiums for employees and 85% of costs for your dependents.
Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
A generous amount of paid time off, including vacation days, sick days, compassion days for loss, education days, and volunteer days
Company paid parental leave to care for and focus on your growing family
Use your personal annual education budget to improve your skills and grow in your career
Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties
An annual wellbeing stipend to care for your physical, financial, or emotional health
A monthly communication stipend and phone hardware upgrade reimbursement.
New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

Company

Contentful

twittertwittertwitter
Glassdoor3.4
company-logo
Contentful offers a headless content management system that helps organizations deliver content across channels.
dateFounded in 2013
location
Berlin, Berlin, DEU
people-size501-1000 employees
web-link
https://www.contentful.com

H1B Sponsorship

Contentful has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (2)
2021 (2)

Funding

Current Stage
Late Stage
Total Funding
$349.6M
Key Investors
Tiger Global ManagementSapphire VenturesGeneral Catalyst
2021-07-28Series F· $175M
2020-06-17Series E· $80M
2018-12-05Series D· $33.5M

Leadership Team

leader-logo
Karthik Rau
Chief Executive Officer
linkedin
leader-logo
Steve Sloan
CEO
linkedin

Recent News

EIN Presswire
Lounge Lizard Worldwide and Contentful Form Strategic Partnership to Power Enterprise Website Design and Web Development
2026-01-16
Tech Funding News
13 Germany’s hottest private tech startups valued in the billions
2025-09-27
Destination CRM
Markup Launchesa AI Content Guardian Agents
2025-09-19
Company data provided by crunchbase