Senior Security Engineer

Senior Security Engineer

Headquarters CGM - Austin, TX

Overview

Salary Range $79,100.00 - $129,950.00 Salary/year Position Type Full Time

Description

Senior Security Engineer

(Full Time, Salary, Exempt)

Looking to join a growing company dedicated to helping others? We offer that, plus competitive salaries, a culture of learning, and a fast-paced environment. This is a hybrid position with 3 days in-office. Join our team to help make a difference in the lives of others!

In addition to the posted base salary range, this role includes eligibility for an annual bonus based on individual and company performance. Total compensation will be determined based on the individual's qualifications, including education and relevant industry and work experience.

About Continental General:

The Continental General family of companies has provided insurance, including life and long-term care policies, to individuals and groups for over 30 years, and currently supports over 200,000 policyholders. Both our insurance company, Continental General Insurance Company, and our third-party administrator, Continental General Services, are committed to the continuous development of our infrastructure, processes, and people. The group is actively growing through expansion of both its insurance portfolio and its administrative services. With each opportunity, we take a collaborative approach to address challenges and provide unique solutions.

Position Summary:

The Senior Security Engineer is a hands-on technical contributor responsible for advancing security platforms, detections, automation, and cloud security capabilities across AWS, SaaS, and enterprise environments. In this role, you will own engineering execution across major security initiatives, build and tune platform integrations, improve observability, and expand detection and response capabilities through modern engineering practices including AI-assisted development.

You will design and implement detections, develop SOAR and automation workflows, and enhance cloud security guardrails. The Senior Security Engineer partners closely with cloud, identity, SASE, and application security teams to engineer controls, expand telemetry, and build scalable detection and response capabilities. You approach this work with a genuine curiosity about emerging tools and techniques, actively seeking out new ways to accelerate delivery and reduce manual effort through AI and automation.

This role is well-suited for an engineer who is self-directed and comfortable operating without heavy oversight, who brings a strong sense of craft to their work, and who stays ahead of the field by experimenting with tools before they become mainstream. The Senior Security Engineer serves as a reliable, high-output contributor between the SOC and platform engineering, ensuring operational needs translate into durable, scalable technical solutions.

Key Responsibilities:

• Platform Engineering & Technical Direction
  • Own engineering and advanced configuration across SIEM, SOAR, CSPM, EDR, SASE, and data security platforms.
  • Build integrations, logging pipelines, and enrichment logic across AWS, SaaS, and identity providers.
  • Contribute to platform strategy, participate in technology selection and proof-of-concept evaluations.
  • Apply and help refine engineering standards for logging, telemetry, detection content, and automation practices.
• Detection Engineering & Telemetry
  • Develop and tune detections mapped to MITRE ATT&CK, cloud threats, and environment-specific risk.
  • Build enrichment pipelines, correlation logic, and advanced SIEM analytics (Splunk SPL).
  • Identify logging and telemetry gaps and engineer new data sources across AWS and SaaS platforms.
  • Partner with threat intelligence to incorporate adversary behaviors into detection logic and hunting hypotheses.
• Automation, AI & SOAR
  • Design and implement SOAR playbooks, enrichment workflows, and automated response actions.
  • Develop automation scripts and APIs (Python, PowerShell, Bash) for security operations functions.
  • Integrate AI-assisted enrichment, summarization, and decision support into engineering and SOC workflows.
  • Use AI-assisted development tools to accelerate automation build-out, reduce manual workflows, and improve iteration speed on security engineering tasks.
  • Proactively evaluate emerging AI tooling, agentic workflows, and automation integrations for applicability to security operations; bring validated approaches to the team before they become industry standard practice.
• Cloud, CSPM & AWS Security Engineering
  • Engineer cloud security controls and observability across multi-account AWS environments.
  • Extend CSPM capabilities with custom rules, policies, automation, and remediation pathways.
  • Implement and maintain AWS security guardrails across Security Hub, GuardDuty, Inspector, Macie, CloudTrail, and IAM.
  • Collaborate with cloud engineering and DevOps teams on secure architectures, monitoring patterns, and CloudWatch Logs data protection (PII/PHI masking).
• SASE, DSPM & Data Protection
  • Support technical implementation and optimization of SASE platforms, including SWG, CASB, and ZTNA control.
  • Integrate DSPM platforms into detection, response, and SOAR workflows.
  • Engineer data visibility and protection controls across SaaS, cloud storage, and API environments.
  • Partner with identity and security teams to drive Zero Trust-enabling controls and telemetry expansion.
• Application & API Security Enablement
  • Support AppSec and API security by integrating telemetry, SAST/DAST findings, and runtime controls into detection workflows.
  • Engineer detection patterns for OWASP Top 10 vulnerabilities and API misuse patterns.
  • Collaborate with DevSecOps to automate application security validation and implement CI/CD security guardrails.
• Incident Response Engineering
  • Serve as technical engineering escalation during active security investigations and incident response.
  • Build IR automation, forensic data integrations, and evidence collection workflows.
  • Implement corrective technical controls resulting from post-incident analysis and lessons learned.
  • Contribute engineering work to runbooks, playbooks, and automation patterns shared with the SOC.

Qualifications

Required Qualifications:

• 5+ years of security engineering, detection engineering, or advanced security operations experience; or the equivalent years of education and experience required.
• Expertise with SIEM detection development and correlation logic (Splunk preferred), including advanced SPL and analytics authoring.
• Strong AWS security engineering experience across multi-account environments, including Security Hub, GuardDuty, Inspector, Macie, CloudTrail, and IAM.
• Proficiency with SOAR platforms and automation scripting (Python, PowerShell, Bash) for SecOps workflow automation.
• Experience with SASE technologies (SWG, CASB, ZTNA) and/or DSPM platforms in an enterprise environment.
• Deep working knowledge of adversary TTPs and the MITRE ATT&CK framework applied to detection engineering and threat modeling.
• Experience integrating cloud and SaaS telemetry into detection and incident response workflows.
• Genuine curiosity and an early-mover instinct for emerging technologies, including AI-assisted development tools such as Claude Code; demonstrated habit of evaluating and adopting new capabilities ahead of the curve to improve security posture and reduce manual workflows.
• Self-directed working style with the ability to scope, prioritize, and execute engineering work autonomously across concurrent initiatives without close direction.

Preferred Qualifications:

• Hands-on CSPM engineering experience, including custom rules, policies, automation, and remediation workflows.
• DSPM platform integration and data-centric security controls.
• SASE platform engineering experience, including SWG, CASB, ZTNA policy configuration.
• SOAR workflow architecture and automation strategy across multi-platform environments.
• Relevant certifications: GIAC (GCIA, GCIH, GCED, GDAT), AWS Certifications, CISSP, or equivalent.
• Hands-on experience with AI-assisted development tools (Claude Code, GitHub Copilot, Cursor, or similar) applied to security engineering or automation workflows.

Why Join Us