Security Engineer II

• At least 3 to 5 years of full-time experience in a security engineering or similar role in a group/team environment • Familiarity with common web application and network security concepts, threats, and vulnerabilities (e.g., OWASP Top 10) • Experience with security best practices across different technology stacks (e.g., server-side, client-side, mobile) • Proven ability to design and implement secure architectures in a cloud-native environment, including experience conducting threat modeling and security design reviews • Embracing the Agile and feature-driven development processes • Bachelor of Science in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience • Experience with security features and tools available from cloud providers such as AWS, Azure, and GCP • Experience with security testing tools (e.g., SAST, DAST, penetration testing tools) • Experience with configuration management and infrastructure as code tools (e.g., Terraform, Ansible) • Knowledge of data security best practices related to PCI/DSS, HIPAA, or other compliance standards • Understanding of AI security best practices and prompt injection prevention and identification • Familiar with common security frameworks and standards (e.g., ISO 27001, NIST, SOC 2) • Experience with REST API microservice architecture, securing container runtimes, Kubernetes, and related cloud-native workload security principles and practices • Familiar with good security engineering principles such as: least privilege, defense-in-depth, security automation, etc. • Experience identifying and protecting against security risks such as XSS, SQL Injection, SSRF, insecure direct object references, and session hijacking. • Experience in developing secure codebases using Git or similar version control systems • Working understanding of OAuth2, OIDC, and other authentication/authorization protocols • Knowledge of Continuous Integration, Continuous Delivery, LEAN, and SOLID principles as they relate to security • You are… • Passionate: You demonstrate our core values of Humility, Innovation, and Excellence • Passionate: • Trustworthy: You understand the importance of confidentiality with sensitive information • Trustworthy: • Organized: You naturally have the ability to prioritize multiple projects and tasks • Organized: • A Communicator:  You have a knack for clear and concise communication • A Communicator: • A Driver: You are smart, persistent, and not easily blocked • A Driver: • A Learner: You are committed to growing and staying current with new technologies • A Learner: • Location • Subsplash currently has operations in 27 states across the US! As much as we would love to have employees in as many states and countries as we have clients, we are currently limiting hiring to the states we already operate in. As a result of that, this role is only available as a 100% remote position if you reside in one of the following states: • this role is only available as a 100% remote position if you reside in one of the following states: • AL, AR, AZ, CO, FL, GA, ID, IA, IN, KS, KY, MO, MI, MN, NC, NM, OK, OH, OR, SC, SD, TN, TX, UT, VA, WA, WY. • Unfortunately, if you do not currently reside in one of these states, we are unable to consider your application. • currently