Senior Security Engineer

As a Senior Security Engineer, you will be a cornerstone of our security organization, responsible for architecting and scaling our defenses across Application Security, Cloud Infrastructure, and Security Operations (SecOps). We aren’t just looking for someone to run scanners; we want a forward-thinking engineer who views AI as a force multiplier. You will leverage cutting-edge tools like Claude Code, Cursor, and Codex to automate the mundane, accelerate vulnerability remediation, and build a "paved road" for our developers. To thrive in this role, you must be comfortable wearing multiple hats—from leading a threat modeling session for a new feature to fine-tuning our detection and response capabilities in the SOC. You are an advocate for "security as code" and believe that the best security programs are those that empower engineers rather than slowing them down. ** Please note that this opportunity is located in New York, NY, and requires this hire to work from our office four days a week. ** As a Senior Security Engineer, you will: AI Innovation Automation: Lead the integration of AI-assisted coding and security tools (e.g., Cursor, Kiro) to revolutionize how we perform code reviews, automate triage, and generate secure-by-default boilerplate. Security Architecture Cloud: Partner with DevOps to harden our AWS/Cloud infrastructure. Use IaC (Terraform) to ensure our environment is "safe-by-default" and help manage our identity and access management (IAM) strategy. Full-Spectrum Vulnerability Management: Drive our AppSec program. You’ll oversee everything from SAST/SCA integration in the CI/CD pipeline to managing penetration tests results and remediation efforts. Modern SecOps: Help mature our Security Operations Center (SOC) functions. This includes improving our visibility, logging, and alerting strategies to ensure we can detect and respond to threats in real-time. Strategic Risk Management: Lead threat modeling (STRIDE/PASTA) and support compliance audits (SOC 2), ensuring that security is a business enabler rather than a checkbox. Mentor Advocate: Be a security champion. Educate engineering teams on modern attack vectors and mentor junior members on how to use AI tools responsibly and effectively. What makes you a great fit? The AI Edge: Proven experience or a deep curiosity in leveraging AI coding assistants (Claude Code, Cursor, etc.) and LLM frameworks to automate security workflows and write better code. Engineering Roots: A strong background in software development. You speak the language of developers and can contribute high-quality code to our internal security tooling. Cloud Fluency: Extensive experience securing AWS, GCP, or Azure (AWS preferred) and a "Security as Code" mindset using Terraform, Pulumi, or similar. AppSec Expertise: Deep understanding of the OWASP Top 10, memory safety, and modern authentication standards (OIDC, SAML, OAuth). Detection Response: Experience with SOC operations, including log analysis (SIEM), incident response, and building automated alerts for suspicious infrastructure activity. The "Startup" Mindset: You excel in fast-paced environments. You prefer "building a tool to solve a problem" over "buying a tool to hide a problem." Certifications Education: While we value skills over paper. However, certifications like OSCP, CISSP, or AWS Certified Security Specialty are a strong plus. ABOUT VTS VTS is the industry's only AI-driven platform that unifies owners, operators, brokers, and their customers across the commercial and residential real estate ecosystems. In 2013, VTS revolutionized the commercial real estate industry’s leasing operations with what is now VTS Lease. Today, VTS is the largest first-party insights and collaboration engine in the industry, transforming how strategic decisions are made and executed by real estate professionals across the globe - providing real-time and predictive analytics built from the most advanced data and techn ... (truncated, view full listing at source)