Senior Security Engineer I

As a Senior Security Engineer, you will be responsible for designing, implementing, and maintaining the security controls that protect our cloud infrastructure and edge services. You will bridge the gap between high-level security architecture and hands-on infrastructure-as-code (IaC), ensuring our global platforms remain resilient against modern threats, including those targeting cloud-native workloads and AI-driven features. Depending on your profile, some of your responsibilities can include: Experience range 6 to 10 Years CNAPP Management: Act as the primary owner for the Cloud-Native Application Protection Platform (CNAPP), using it to identify misconfigurations, manage vulnerabilities, and enforce compliance across multi-cloud environments. Cloud Visibility Governance: Utilize CNAPP and CSPM (Cloud Security Posture Management) to gain deep visibility into identities, secrets, and data risks, ensuring clear prioritization of security findings. Edge Application Protection: Deploy and manage Web Application Firewalls (WAF) and Edge Security layers to mitigate Layer 7 attacks, DDoS, and malicious bot activity. Workload Protection: Oversee Endpoint Detection and Response (EDR) and Cloud Workload Protection (CWPP) to monitor and secure containers, serverless functions, and virtual machines. Data Identity Governance: Design secure key management (KMS) and identity-aware access policies (IAM) to enforce Zero Trust principles. Security Automation: Integrate CNAPP findings into the CI/CD pipeline and develop automations via Infrastructure as Code (Terraform/Ansible) to remediate risks at scale. Must have: CNAPP Mastery: Deep, hands-on experience with Cloud-Native Application Protection Platforms (CNAPP), specifically focusing on Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP). Vulnerability Risk Management: Proven ability to triage and prioritize cloud security risks (misconfigurations, toxic combinations of permissions, and vulnerabilities) using centralized security platforms. Cloud Edge Protection: Strong experience with Edge Security services, including WAF, DDoS mitigation, and Zero Trust Network Access (ZTNA). Infrastructure as Code (IaC): Proficiency in Terraform or Ansible, with a focus on "shifting security left" by scanning IaC templates before deployment. Cloud Fundamentals: Expert knowledge of AWS security services, specifically Identity and Access Management (IAM), Key Management Service (KMS), and CloudTrail. Technical Communication: Ability to translate complex CNAPP alerts into actionable remediation steps for engineering teams. Comprehensive understanding of the OWASP Top 10 and common cloud security vulnerabilities. Linux/Unix proficiency. Nice to have: Experience with serverless security and edge computing (e.g., Edge Workers). Familiarity with automated security scanning tools (SAST/DAST/IAST). Understanding of compliance frameworks (ISO 27001, NIST, SOC2) as they relate to cloud environments. Relevant certifications (e.g., AWS Security Specialty, CCSK, or platform-specific CNAPP certifications). Talkdesk is pioneering a new era of Customer Experience Automation (CXA), redefining how the world’s most admired brands interact with their customers through AI. Our global team of courageous innovators is customer-obsessed, building AI-first solutions that put empathy, trust, and transparency at the center of every interaction. We foster an inclusive culture where diverse perspectives drive our success and every voice belongs. Combining the stability of a global leader with the agility of a disruptor, Talkdeskers are empowered with the autonomy to drive meaningful impact, while giving back to the communities and environment around us. Talkdesk has been recognized as a Leader in the Gartner® Magic Quadrant™ for Contact Center as a Service (CCaaS) and in the G2 Overall Grid® Reports for AI Agents and Contact Center. With seven consecutive years on the Forbes Cloud 1 ... (truncated, view full listing at source)