Senior Security Engineer

About Us: Pacvue is the leading software suite for eCommerce advertising, sales, and intelligence. We help some of the world’s largest brands grow their business on Amazon, Walmart, Instacart, and other marketplaces and work with sellers and agencies of all sizes to help them compete in the constantly changing world of online retail. Our mission is to empower teams to win in the future of eCommerce, and we do it by building first-to-market technology, solving complex problems with our customers, and bringing expertise, collaboration, and innovation to our work every single day.  Why work at Pacvue?  Be on the cutting edge - Pacvue is transforming the way brands and sellers win online.  Our product uses machine learning, artificial intelligence, and data to make intelligent decisions and recommendations.  Have fun – we have an energetic and passionate team with a joint mission to win and help our brands and sellers succeed.  Learn – from the best!  Our team is full of talented people who want to help you learn, grow – providing you with mentorship, the industry’s best practices and thought leadership.   Grow fast – the eCommerce industry has grown fast in the past 2-3 years. Pacvue has grown even faster than most high-tech companies in the market.  About the role:  The Senior Security Engineer (AWS) is a senior individual contributor responsible for supporting and enhancing Pacvue’s cloud and application security practices. This role works closely with Engineering, DevOps, and IT to implement security best practices, improve system resilience, and help ensure our environments are secure and compliant.  This is a hands-on role for a security practitioner who brings strong technical expertise and enjoys collaborating with cross-functional teams to strengthen security across cloud infrastructure and applications. You will contribute to ongoing security initiatives, support program execution, and help drive continuous improvement.  Responsibilities:  Cloud Security (AWS)  Implement and maintain AWS security configurations across development, staging, and production environments  Apply IAM best practices, including least-privilege access and role-based access controls  Configure and monitor AWS-native security services such as CloudTrail, GuardDuty, Security Hub, AWS Config, and Macie  Participate in cloud security reviews for new and existing services  Support security best practices in infrastructure-as-code (Terraform, AWS CDK) and CI/CD pipelines  Help maintain cloud security baselines aligned to CIS Benchmarks and AWS Well-Architected Framework Application Security  Contribute to secure Software Development Lifecycle (SDLC) practices, including shift-left security efforts  Participate in threat modeling and security design reviews  Operate SAST, DAST, and SCA tools integrated into CI/CD pipelines (e.g., Snyk, Checkmarx, Veracode, Semgrep)  Partner with engineering teams to remediate vulnerabilities and improve secure coding practices  Support development and maintenance of secure coding guidelines  Vulnerability Management  Assist in vulnerability identification, triage, and remediation tracking across infrastructure and applications  Support internal and external penetration testing activities  Help track and report on vulnerability metrics and remediation progress  Cross-functional Collaboration  Support compliance efforts such as SOC 2 Type II and ISO 27001 audits  Collaborate with team members to improve security processes and documentation  Contribute to security runbooks and incident response procedures  Skills & Qualifications:  5–8+ years of experience in security engineering, cloud security, or a related field  3+ years of hands-on AWS security experience in a production environment  Experience with AWS security services such as IAM, GuardDuty, Security Hub, AWS Config, and CloudTrail  Familiarity with application security tools (SAST, DAST, SCA)  Experience with infrastructure-as-code tools such as Terraform or AWS CDK  Understanding of vulnerability management practices  Familiarity with security and compliance frameworks (SOC 2, ISO 27001, CIS Benchmarks)  Strong communication skills and ability to work effectively with cross-functional teams  Benefits:  Flexible Paid Time Off   Paid Holidays and Floating Holidays  Medical, Dental, Vision, FSA/HSA, Life Insurance and Pet Insurance  401k with Employer Match  Take up to 2 Days of Paid Time Off to Volunteer with a 501c Organization  Paid Parental Leave  The annual base salary range for this position is $150,000-$160,000 USD. The actual salary will vary depending on the applicant’s experience, skills, and abilities as well as internal equity and market data for their location. This position is also eligible for an additional annual bonus compensation through one of Pacvue’s highly attractive incentive plans, full details will be provided during the recruitment process.    #LI-Remote Pacvue is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, or disability. Offices: (Pacvue);