Senior Infrastructure Security Engineer - Remote

Senior Infrastructure Security Engineer - Remote

Apply remote type Remote locations United States - Remote time type Full time posted on Posted Yesterday job requisition id JR101903

BigCommerce’s mission is to help merchants sell more at every stage of growth, from small startups, to mid-market businesses to large enterprises. We focus on being the best ecommerce platform so our customers can focus on what matters most: growing their businesses.

At BigCommerce, security is at the core of everything we do. As a Senior Infrastructure Security Engineer, you will play a critical role in securing our cloud infrastructure, mitigating threats, and ensuring compliance across Google Cloud Platform (GCP) and Amazon Web Services (AWS). You will work across multiple domains—development, operations, security engineering, incident response, and governance—helping shape our security posture while empowering engineering teams with secure-by-design principles.

This role requires a proactive problem-solver with a deep technical background, strong analytical skills, and a collaborative approach. If you have experience designing security solutions in cloud-native environments, a keen eye for threat detection, and a passion for building automated security capabilities, we want to hear from you!

What You’ll Do:

• Security Incident Response: Monitor, analyze, and respond to security incidents, leveraging tools such as SIEM and CSPM/CNAPP.

• Cloud Security Governance: Establish and maintain security best practices for GCP and AWS, including IAM, network security, data encryption, and workload protection.

• Security Reviews & Architecture Guidance: Evaluate technical designs for security implications, perform threat modeling, and provide secure architecture recommendations to engineering teams.

• Automation & Infrastructure Security: Develop and implement Infrastructure-as-Code (IaC) security controls using Terraform, CloudFormation, or equivalent tools.

• Threat Intelligence & Monitoring: Utilize data to generate insights into evolving threats, perform security log analysis, and optimize detection capabilities.

• Vulnerability Management & Hardening: Lead security assessments, cloud misconfiguration checks, and implement hardening guidelines for cloud workloads and containerized environments.

• Red & Blue Team Coordination: Conduct cloud security penetration testing, validate findings, and coordinate remediation with DevOps teams.

• Security Tooling & Engineering: Design and manage security solutions such as SIEM, CSPM, EDR, CWPP, WAF, API Security, and Secrets Management.

• Regulatory Compliance & Risk Management: Ensure alignment with PCI DSS, SOC2, ISO 27001, NIST CSF, and CIS Benchmarks.

• Mentorship & Advocacy: Act as a security champion within the organization, mentoring team members and driving a culture of security awareness.

Who You Are:

• Deep expertise in securing cloud environments on GCP and AWS, with hands-on experience in IAM, Kubernetes security, VPC security, API security and ability to maintain via Terraform or equivalent tooling.

• Minimum BS degree, CS, CE, SW, MIS or equivalent degree, or has relevant work experience.

• Strong scripting and automation skills in Python, Go, Bash, or similar languages.

• Minimum 5+ years in security-focused roles, including cloud security, infrastructure security, or DevSecOps.

• Experience with SIEM, EDR, CSPM, CWPP, and security automation tools (e.g., SentinelOne, Sysdig, Sumo Logic, Cloudflare).

• Knowledge of identity security principles, including SSO, OAuth, OpenID Connect (OIDC), RBAC, and ABAC.

• Understanding of container security (Kubernetes, Docker, GKE, EKS) and best practices for securing microservices architecture.

• Familiarity with network security, firewall configurations, and cloud-native security controls.

• Proven ability to conduct security assessments, including penetration testing, threat modeling, and vulnerability management.

• Certifications preferred: OSCP, GCP Professional Cloud Security Engineer, AWS Security Specialty, CCSP, CISSP or equivalent.

Bonus Experience (Nice to Have)

• Experience with serverless security (e.g., AWS Lambda, Google Cloud Functions).

• Familiarity with data security solutions such as DLP, tokenization, and cloud encryption key management.

• Knowledge of SIEM correlation rules and experience tuning security detections.

• Hands-on experience with cloud-native security tools (e.g., AWS Security Hub, Google Security Command Center, GuardDuty, Cloud Armor).

• Experience working in highly regulated industries such as fintech, healthcare, or e-commerce.

Why Join Us:

• Work in a high-impact role securing a global-scale cloud infrastructure.

• Collaborate with a highly skilled, passionate security team.

• Continuous learning opportunities, certifications, and career growth support.

• Competitive compensation, a remote-friendly environment, and comprehensive benefits.

If you are passionate about cloud security and thrive in a fast-paced, collaborative environment, apply now and help us build a secure future for our platform and customers!

#LI-REMOTE

(Pay Transparency Range: $95,000.00 - $159,000.00)

The exact salary will be dependent on the successful candidate’s location, relevant knowledge, skills, and qualifications.