Senior Security Engineer

Overview

About Analog

Analog is a catalyst for change across various industries - from global enterprises to the public sector, from healthcare to ecology. Analog's approach to AI ensures that technological advancements are not just about efficiency and convenience but about enriching human experiences and fostering a more connected and mixed world. Analog is not just building technology; we are crafting a world where technology is an invisible yet indispensable part of our lives. Join us on our journey as we work to build solutions that will empower people to stop living behind the digital world and start remembering how to live in our rainbow-filled Analog world.

Job Description

We are seeking a highly skilled Senior Security Engineer to be the first hire in our Infosec team. This is a hands-on technical leadership role with high growth potential in a cutting-edge AI driven organization. The ideal candidate will have deep expertise in designing, implementing, and maintaining end-to-end security solutions across infrastructure, applications, and data. As the first dedicated security hire, you will play a pivotal role in building and shaping our cybersecurity strategy and practices from the ground up.

In this role, you will be responsible for planning, designing, and implementing security solutions, identifying risks, and ensuring compliance with industry standards. You will work closely with cross-functional teams to embed security at every level of our technology and business processes. You will also play a lead role in developing a longer term security improvements roadmap, setting the foundation for future team expansion and required security tooling investments. If you are an experienced, hands-on security professional eager to make a significant impact in a high-growth organization, we encourage you to apply.

Responsibilities

1. Security Strategy & Roadmap: Develop a comprehensive security roadmap that aligns with business strategy, supporting product launches and future business growth.
2. Security Architecture: Design, implement, and manage security architectures for cloud, on-premises, and hybrid environments.
3. Policies & Standards: Develop, enforce, and continuously improve security policies, frameworks, and best practices across the organization.
4. Risk & Compliance: Conduct risk assessments, threat modeling, and vulnerability management to proactively mitigate security threats, while ensuring compliance with relevant security standards e.g. ISO 27001, NIST, GDPR, SOC 2, and CIS benchmarks.
5. Incident Management: Lead incident response efforts, including investigation, containment, remediation, and post-mortem analysis.
6. Security Testing: Perform penetration testing, security audits, and compliance assessments to validate security posture.
7. Security Tooling: Deploy and manage security solutions such as SIEM, IDS/IPS, endpoint protection, IAM, firewalls, and encryption technologies.
8. Collaboration & Communication: Work closely with Engineering, DevOps, and IT teams to integrate security into system architectures and software development processes (DevSecOps). Communicate security risks and recommendations effectively to technical and non-technical stakeholders.
9. AI & Data Security: Develop & implement security measures to protect AI models, data pipelines and APIs from adversarial attacks and data leakage.
10. Emerging Trends: Stay current with evolving cyber threats, attack techniques, and security trends, applying knowledge to strengthen defenses.
11. Training & Awareness: Develop and conduct security awareness training programs to foster a strong security culture within the organization.
12. External Partnerships: Establish relationships with external security vendors, partners, and regulatory bodies to leverage expertise and support.

Qualifications

1. Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
2. Minimum of 5 years of hands-on experience in cybersecurity, information security, or a related field.
3. Proven experience in security architecture, engineering, and operations in cloud (AWS, Azure, GCP) and on-prem environments.
4. Strong knowledge of security frameworks such as NIST, ISO 27001, CIS Controls, and Zero Trust architecture.
5. Hands-on experience with security tools, including firewalls, SIEM, EDR, IDS/IPS, vulnerability scanners, DLP, and encryption.
6. Expertise in security incident response, threat intelligence, and forensic investigations.
7. Experience with identity and access management (IAM), multi-factor authentication (MFA), and privilege access management (PAM).
8. Proficiency in programming and scripting languages such as Python, PowerShell, or Bash.
9. Industry certifications such as CISSP, CISM, CEH, OSCP, or equivalent are highly preferred.
10. Strong knowledge of DevSecOps principles and secure software development practices.
11. Demonstrated ability to communicate effectively with both technical and non-technical audiences.
12. Experience working with security governance, risk management, and compliance (GRC) programs.
13. Excellent problem-solving, analytical, and communication skills with the ability to work independently and collaboratively.

Good-to-Have Experience

1. Experience with physical security measures, such as facility access controls, video surveillance, and security monitoring systems.
2. Knowledge of IoT security, industrial control systems (ICS) security, and supply chain security.
3. Experience implementing Zero Trust and Secure Access Service Edge (SASE) architectures.
4. Understanding of AI security risks and model protection strategies.
5. Prior experience working in high growth technology startups.

If you are passionate about cybersecurity and want to build and lead the security function in a high-growth, innovative organization, we would love to hear from you!

What Working At Analog Offers

1. Culture: An open, diverse, and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.
2. Career: Outstanding learning, development, and growth opportunities via structured training programs and innovative, high-tech projects.
3. Rewards: A competitive remuneration package with a host of perks, including healthcare, education support, leave benefits, and more.