Senior Security Engineer

About Us:

Pacvue is the leading software suite for eCommerce advertising, sales, and intelligence. We help some of the world’s largest brands grow their business on Amazon, Walmart, Instacart, and other marketplaces and work with sellers and agencies of all sizes to help them compete in the constantly changing world of online retail. Our mission is to empower teams to win in the future of eCommerce, and we do it by building first-to-market technology, solving complex problems with our customers, and bringing expertise, collaboration, and innovation to our work every single day. 

Why work at Pacvue? 

• Be on the cutting edge - Pacvue is transforming the way brands and sellers win online.  Our product uses machine learning, artificial intelligence, and data to make intelligent decisions and recommendations. 
• Have fun – we have an energetic and passionate team with a joint mission to win and help our brands and sellers succeed. 
• Learn – from the best!  Our team is full of talented people who want to help you learn, grow – providing you with mentorship, the industry’s best practices and thought leadership.  
• Grow fast – the eCommerce industry has grown fast in the past 2-3 years. Pacvue has grown even faster than most high-tech companies in the market. 

About the role: 

The Senior Security Engineer (AWS) is a senior individual contributor responsible for supporting and enhancing Pacvue’s cloud and application security practices. This role works closely with Engineering, DevOps, and IT to implement security best practices, improve system resilience, and help ensure our environments are secure and compliant. 

This is a hands-on role for a security practitioner who brings strong technical expertise and enjoys collaborating with cross-functional teams to strengthen security across cloud infrastructure and applications. You will contribute to ongoing security initiatives, support program execution, and help drive continuous improvement. 

Responsibilities: 

Cloud Security (AWS) 

• Implement and maintain AWS security configurations across development, staging, and production environments 
• Apply IAM best practices, including least-privilege access and role-based access controls 
• Configure and monitor AWS-native security services such as CloudTrail, GuardDuty, Security Hub, AWS Config, and Macie 
• Participate in cloud security reviews for new and existing services 
• Support security best practices in infrastructure-as-code (Terraform, AWS CDK) and CI/CD pipelines 
• Help maintain cloud security baselines aligned to CIS Benchmarks and AWS Well-Architected Framework

Application Security 

• Contribute to secure Software Development Lifecycle (SDLC) practices, including shift-left security efforts 
• Participate in threat modeling and security design reviews 
• Operate SAST, DAST, and SCA tools integrated into CI/CD pipelines (e.g., Snyk, Checkmarx, Veracode, Semgrep) 
• Partner with engineering teams to remediate vulnerabilities and improve secure coding practices 
• Support development and maintenance of secure coding guidelines 

Vulnerability Management 

• Assist in vulnerability identification, triage, and remediation tracking across infrastructure and applications 
• Support internal and external penetration testing activities 
• Help track and report on vulnerability metrics and remediation progress 

Cross-functional Collaboration 

• Support compliance efforts such as SOC 2 Type II and ISO 27001 audits 
• Collaborate with team members to improve security processes and documentation 
• Contribute to security runbooks and incident response procedures 

Skills & Qualifications: 

• 5–8+ years of experience in security engineering, cloud security, or a related field 
• 3+ years of hands-on AWS security experience in a production environment 
• Experience with AWS security services such as IAM, GuardDuty, Security Hub, AWS Config, and CloudTrail 
• Familiarity with application security tools (SAST, DAST, SCA) 
• Experience with infrastructure-as-code tools such as Terraform or AWS CDK 
• Understanding of vulnerability management practices 
• Familiarity with security and compliance frameworks (SOC 2, ISO 27001, CIS Benchmarks) 
• Strong communication skills and ability to work effectively with cross-functional teams 

Benefits: 

• Flexible Paid Time Off  
• Paid Holidays and Floating Holidays 
• Medical, Dental, Vision, FSA/HSA, Life Insurance and Pet Insurance 
• 401k with Employer Match 
• Take up to 2 Days of Paid Time Off to Volunteer with a 501c Organization 
• Paid Parental Leave 

The annual base salary range for this position is $150,000-$175,000 USD. The actual salary will vary depending on the applicant’s experience, skills, and abilities as well as internal equity and market data for their location. This position is also eligible for an additional annual bonus compensation through one of Pacvue’s highly attractive incentive plans, full details will be provided during the recruitment process.   

#LI-Remote