Security & Infrastructure Engineer

Benefits

Parental leave

Not verified

Non-birth-parent leave

Not verified

Family-building benefits

• Fertility benefits: Not verified
• Adoption assistance: Not verified
• Surrogacy assistance: Not verified

Mental health support

Not verified

Relocation assistance

Not verified

Childcare support

Not verified

Learning budget

Not verified

Verification

Not verified

Salary

Not verified

401(k) match

Not verified

Was this benefit information wrong? Tell us.

Market context

U.S. role benchmark (BLS OEWS)

$111,944 U.S. median for this role

Projected growth (BLS Employment Projections)

+13.7% - Much faster than average

Matched to SOC 15-1252 - Data and ML aggregate by role bucket.

Source: U.S. Bureau of Labor Statistics, OEWS, May 2024 and Employment Projections, 2024-2034.

Schedule

Shift type

Not verified

Weekend work

Not verified

Application

Cover letter

Not verified

Assessment

Not verified

Deadline

Not stated

Where they hire

State eligibility is not yet verified.

About this role

Security & Infrastructure Engineer New York City | OnSite ABOUT POINTONE PointOne builds infrastructure for the legal industry, powering timekeeping and billing systems used by law firms and government agencies. We build and operate systems that process the most confidential data for institutions working on the most sensitive matters. Security for us is a strategic priority. We're hiring a senior engineer to own the security, scalability, and cost efficiency of our AWS environment. THE ROLE Let's start with what this isn't: - Not a GRC or paperwork-heavy compliance role - Not a vulnerability-scanning-only position - Not a “turn on GuardDuty and call it done” role You will be shaping critical systems and making architectural decisions that materially affect risk and resilience. This is a hands-on engineering role at the intersection of security, cloud architecture, and platform optimization. You will harden our AWS infrastructure, reduce blast radius, eliminate unnecessary exposure, and ensure our systems scale efficiently and securely. WHAT YOU'LL OWN Infrastructure Security - Design and enforce least-privilege IAM across services - Implement permission boundaries and SCP strategy - Reduce attack surface across networking and service exposure - Improve secrets management and KMS key segmentation - Lead threat modeling across core systems - Design blast-radius containment strategies Detection & Response - Strengthen logging, monitoring, and anomaly detection - Ensure logs are immutable and auditable - Build and test incident response playbooks - Review new infrastructure designs for security risks Scale & Cost - Optimize AWS architecture for reliability and efficiency -

Read the full description at jobs.ashbyhq.com. FewerJobs shows a source-linked preview and links to the original posting.