Purpose of the Job
As members of 6sense’s Security department, the Security Engineering team protects the
platform and ensures that the product is secure. Infrastructure Security Engineers partner
with infrastructure, platform, and engineering teams to identify and mitigate cloud security
risks.
Job Description
Responsibilities & Accountabilities
• Operate CNAPP tool to facilitate Infrastructure security vulnerability management
processes
• Conduct cloud security assessments and implement remediation strategies
• Advise infrastructure teams on cloud security standards and hardening activities
• Perform vulnerability assessments of golden AMIs
• Ensure the security logging standard is adopted and followed
• Provide logging and monitoring support to Security Operations
• Leverage scripting skills to automate tasks, integrate tools, and build workflows
• Support risk assessment, compliance, and other security department initiatives
• Design and execute quarterly (O)KRs
Performance Measurement
• Understands the 6sense product and platform basics
• Participates in weekly 1:1s with manager and monthly skip levels
• Implements security controls considering the latest security threats, trends, and best
practices to ensure that 6sense's security posture remains effective and efficient
• Manages vulnerabilities with CVEs to remediation within targeted SLA or risk
acceptance
• Maintains inventory of security scope and coverage for 6sense product(s)
• Maintains up to date collateral, metrics and processes
Person Specification
Educational and Experience Requirements
• 3-5 years of experience in information security, with a focus on cloud security,
infrastructure security, security engineering, or SRE
• Familiarity with AWS security controls, monitoring, and orchestration (SCPs, Guard
Duty, Config, Macie, etc.)
• Working knowledge of network security, WAF, DDoS mitigation, authentication,
encryption, and vulnerability management
• Working knowledge of CI/CD, Kubernetes, IaC, and serverless technologies
Preferred Qualifications
• Bachelor's degree in a related field
• Relevant industry certifications, such as AWS, CNCF, and GIAC are highly desirable
Competencies and Behaviors
• In-depth knowledge of at least one major cloud platform (e.g., AWS, GCP) and their
native security services preferably AWS
• Working knowledge of IAM, WAF, GuardDuty, SecurityHub, EC2, SSO, KMS, AWS
Organizations
• Understanding of security principles, including threat modeling, risk assessment, and
incident response.
• Proficiency in networking concepts, protocols (TCP/IP, HTTP, DNS), and network
security (firewalls, VPNs, intrusion detection).
• Hands-on in scripting languages (Python, Bash) for automation and security tasks.
• Familiarity with security tools like vulnerability scanners, intrusion detection
systems, and SIEM solutions.
• Understandings of DevOps/DevSecOps practices, CI/CD pipelines, and IaC tools.
• Excellent communication skills, including verbal, written, and presentation skills, and ability to appropriately address audience in communications
• Translates technical requirements into actionable and timebound requests
• Maintains accuracy of information
• Effective prioritization and escalation to management
Certifications (Optional):
• AWS Certified Solutions Architect
• AWS Certified Security - Specialty
• Google Cloud Certified Professional Cloud Security Engineer
• CCSP – Certified Cloud Security Professional
Base Salary Range: $131,169 to $192,381. The base salary range represents the anticipated low and high end of the base salary range for this position. Actual salaries may vary and may be above or below the range based on various factors, including but not limited to work location and experience. The base salary is one component of 6sense’s total compensation package for this position. Other compensation may include a bonus program or commission plan, and stock options if approved by 6sense’s board. In addition, 6sense provides a variety of benefits, including generous health insurance coverage, life, and disability insurance, a 401K employer matching program, paid holidays, self-care days, and paid time off (PTO). #Li-remote