Senior Platform Security Engineer
Indexed description
The Position
The Platform Security team sits within NMC²’s Security organization and is responsible for securing the engineering platforms and infrastructure that power our HPC and cloud environment. Our mission is to build real-time security visibility and a proactive vulnerability management capability into the core of how NMC²’s platforms are built and operated — ensuring that security is never an afterthought in an environment where the stakes are exceptionally high.
As a Senior Platform Security Engineer, you will play a pivotal role in detecting, assessing, and remediating vulnerabilities across our platform engineering stack from bare-metal infrastructure and container orchestration through to cloud services and software supply chains. You will collaborate closely with Platform Engineering and DevOps teams to embed real-time threat detection and vulnerability management into the development lifecycle, ensuring our infrastructure is resilient, continuously monitored, and hardened against emerging threats.
Responsibilities
- Own the design and operation of NMC²’s vulnerability management program across the platform engineering stack, including infrastructure, containers, and cloud services
- Implement and tune real-time security monitoring and threat detection tooling, ensuring high-fidelity signal across our HPC and cloud environments
- Partner with Platform Engineering and DevOps teams to integrate security scanning and vulnerability assessment into CI/CD pipelines and Infrastructure-as-Code workflows
- Lead vulnerability triage and prioritization, working with engineering teams to drive timely and effective remediation of identified risks
- Conduct platform-level security assessments, contributing to threat modelling and attack surface analysis across our infrastructure and software supply chain
- Develop automation to continuously assess the security posture of our platforms, reducing manual effort and improving detection coverage
- Contribute to the continuous improvement of platform security practices, tooling, and processes, helping foster a security-first culture across engineering
- 6+ years of experience in security engineering, with a strong focus on platform, infrastructure, or application security
- Hands-on experience with vulnerability management tooling and real-time security monitoring platforms (e.g. Qualys, Tenable, Wiz, Lacework, Prisma Cloud, or similar)
- Strong understanding of software and infrastructure security, including container security, supply chain risk, secrets management, and secure configuration
- Experience securing container orchestration platforms such as Kubernetes and OpenStack, and cloud environments including AWS and/or Azure
- Proficiency in Linux and familiarity with how platform engineering teams build and operate infrastructure
- Experience integrating security tooling into CI/CD pipelines and IaC workflows, with scripting ability in Python, Bash, Go, or similar
- Good knowledge of vulnerability scoring frameworks (CVSS), exploit maturity, and risk-based prioritization
- A strong interest in the security domain and a collaborative approach to working with engineering teams to solve complex technical problems
- Experience with runtime threat detection tools such as Falco or eBPF-based security tooling
- Familiarity with software supply chain security frameworks (e.g. SLSA, SBOM generation, Sigstore)
- Background working within or alongside a SOC or threat intelligence function
- Relevant certifications such as OSCP, GIAC (GPEN/GWAPT/GCSA), AWS Security Specialty, or equivalent
- Company-Paid Lunch Stipend: Lunch is provided via GrubHub
- Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability
- 401(k): Company will match 100% of your contributions up to 6%
- Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.
- Time Off: 25 days of Paid Time Off plus 12 company holidays
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search