Senior Security Engineer
San Antonio, TX
Senior Security Engineer with 11+ years securing AWS/Azure enterprise environments, building scalable IAM programs, and leading vulnerability management in retail, healthcare, and financial services. Blends hands-on engineering (Terraform, Python, Vault, Splunk, Wiz, Prisma Cloud) with governance and risk alignment (NIST 800-53, SOC 2, PCI DSS, SOX/FFIEC, HIPAA, GDPR/CCPA).
Salary
GBP 100,000 – 130,000
lululemon
May 2022 – Sept 2025
Directed enterprise AWS remediation across dozens of accounts; built AI Security Checklist aligned to OWASP LLM/MITRE ATLAS; managed Synack bug bounty engagements; authored Terraform for secure egress patterns; designed posture dashboards with Wiz/Prisma Cloud; implemented Island.io secure browser with Okta DLP; consolidated detections into Splunk/Microsoft Sentinel; published 8+ internal AWS guides and mentored engineers.
GoHealth
Jan 2020 – Apr 2022
Enforced HIPAA/SOC 2 controls in AWS; integrated Prisma Cloud and Wiz into CI/CD; designed RBAC mapping between AWS IAM and Azure Entra ID with JIT via PIM/Okta; built Jira-driven CVE workflows; tuned Splunk correlation rules; partnered on PCI DSS scoping; developed reusable Terraform modules; performed third-party vendor assessments.
Ally Financial
Jan 2019 – Dec 2019
Rolled out Okta federation/SSO with adaptive MFA; deployed Azure Entra ID PIM for JIT admin access; implemented HashiCorp Vault SSH/LDAP secrets engines; automated de-provisioning and key rotation with Python/Bash; fed GuardDuty/CloudWatch into Splunk ES; aligned PCI DSS encryption and tokenization; contributed to enterprise Zero Trust patterns.
Merkle
Jan 2017 – Dec 2018
Stood up secure multi-account AWS landing zone with CIS Foundations controls; built Terraform-first IAM with ServiceNow approvals; integrated Lacework and Rapid7 for posture/vulnerability scanning; implemented Acunetix DAST in CI; authored GDPR/CCPA security addenda; conducted architecture reviews for client workloads.