Apply on Employer Site

Contentful · 4 hours ago

Security Engineer

New York City, New York, United States

Full-time

Onsite

Mid Level

$153K/yr - $207K/yr

4+ years exp

Contentful is a leading digital experience platform that helps modern businesses meet the growing demand for engaging, personalized content at scale. They are seeking a committed and driven Security Engineer to support day-to-day security operations and enhance practical, scalable security solutions across the organization.

Cloud ComputingCMSContentDeveloper ToolsPublishingSaaSSoftware

H1B Sponsor Likely

Responsibilities

Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business

Lead security assessments and remediation for enterprise cloud environments, internal systems, and third-party systems to proactively identify and address risk

Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues

Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness

Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen security of systems and environments

Drive security and monitoring enhancements across enterprise cloud and SaaS workloads, platforms, and supporting infrastructure

Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts

Build and automate security controls to scale access reviews, evidence collection, and compliance activities

Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date

Advance identity and access management controls across enterprise systems, including least privilege, just-in-time access, conditional access, and zero trust

Enhance and automate controls to assess, manage, and secure third-party SaaS systems and vendors

Qualification

Security EngineeringAWS SecurityPythonVulnerability ManagementIdentityAccess ManagementTerraformCloud SecurityIncident ResponseNetworking KnowledgeJavaScriptGoProactive MindsetCommunication SkillsCollaboration Skills

Required

4+ years of security engineering, DevSecOps, or equivalent experience

Ability to support on call for occasional off-hours incident response efforts

Hands-on expertise with AWS architecture, services, and security features

Proficiency in Python to build and maintain security tools

Familiarity securing cloud platforms, including configuration, access controls, and runtime protection

Experience using Terraform to build, deploy, and maintain infrastructure as code

Strong foundational networking knowledge of cloud networking concepts, OSI model, TCP/IP, and routing

Practical knowledge of email architecture and controls, including SMTP, MX records, SPF, DKIM, and DMARC

Experience hardening Mac, Windows, and Linux systems

Hands on experience with MDM providers, endpoint protection tools, and posture management controls

Demonstrable ability to embed security considerations throughout the software development lifecycle

Hands-on involvement supporting vulnerability management and incident response functions

Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)

Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs

Clear and effective communication skills

Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences

A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards

Passion designing and performing hands-on implementation work

Ability to work in a fast-paced environment, often juggling multiple projects

Ability to integrate systems through APIs, parsing, normalizing, and integrating datasets

Experience identifying and mitigating risks in enterprise, SaaS, and custom build systems

Experience securing third party services, through reviews, custom integration, and monitoring

Hands on experience with leading identity providers and cloud provider entitlements

Practical mindset to balance business needs with security requirements

Ability to drive change through continuous improvement

Capable of working independently and collaboratively as a team

Comfortable working with a geographically dispersed team

Preferred

Additional exposure to Cloudflare, GCP, and/or Azure is valued

Exposure to Javascript and Go with the ability to perform security code reviews

Benefits

Stock Options for the opportunity to share in the success of our company

Comprehensive healthcare package covering 100% of monthly health premiums for employees and 85% of costs for your dependents.

Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.

A generous amount of paid time off, including vacation days, sick days, compassion days for loss, education days, and volunteer days

Company paid parental leave to care for and focus on your growing family

Use your personal annual education budget to improve your skills and grow in your career

Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties

An annual wellbeing stipend to care for your physical, financial, or emotional health

A monthly communication stipend and phone hardware upgrade reimbursement.

New hire office equipment stipend for hybrid or distributed employees.

Company

Contentful

Glassdoor3.4

Contentful offers a headless content management system that helps organizations deliver content across channels.

Founded in 2013

Berlin, Berlin, DEU

501-1000 employees

https://www.contentful.com

H1B Sponsorship

Contentful has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (2)

2021 (2)

Funding

Current Stage

Late Stage

Total Funding

$349.6M

Key Investors

Tiger Global ManagementSapphire VenturesGeneral Catalyst

2021-07-28Series F· $175M

2020-06-17Series E· $80M

2018-12-05Series D· $33.5M

Leadership Team

Karthik Rau

Chief Executive Officer

Steve Sloan

CEO

Recent News

EIN Presswire

Lounge Lizard Worldwide and Contentful Form Strategic Partnership to Power Enterprise Website Design and Web Development

2026-01-16

Tech Funding News

13 Germany’s hottest private tech startups valued in the billions

2025-09-27

Destination CRM

Markup Launchesa AI Content Guardian Agents

2025-09-19

Company data provided by crunchbase