Lead Security Engineer

Role Overview

Lead Security Engineer to strengthen Copia Automation’s threat model and implement robust security controls across cloud and on-premises infrastructure. You’ll design and automate security solutions, integrate them into CI/CD pipelines, and improve detection, response, and hardening across environments.

Responsibilities

• Develop, tune, and automate detection and alerting pipelines
• Support incident response investigations and root-cause analysis
• Lead endpoint and server hardening for Windows, macOS, and Linux; ensure secure configurations and continuous compliance
• Mature and maintain enterprise detection and response capabilities; drive toward ~100% visibility/monitoring coverage
• Oversee the vulnerability management lifecycle (scanning/triage → remediation tracking → executive reporting)
• Build security automation for access management, alert triage, and compliance evidence collection
• Develop, enforce, and continuously refine Zero Trust Network Access (ZTNA) policies for on-prem and cloud
• Collaborate with engineering teams on threat modeling, application security reviews, and secure-by-design architecture decisions

Requirements

• 7+ years of experience in security engineering, cloud security, or incident response (preferably SaaS/cloud-native, operating at scale)
• Deep understanding of AWS security services (e.g., GuardDuty, IAM, KMS, CloudTrail) and multi-account best practices
• Hands-on endpoint/server monitoring experience with CrowdStrike, including API integrations and telemetry enrichment
• Strong experience designing/tuning SIEM and detection pipelines in Datadog (custom metrics, dashboards, automated alert workflows)
• Proficiency with Terraform for secure IaC (modules and policy-as-code)
• Familiarity with OT security (segmentation, asset discovery, threat detection in industrial/lab environments)
• Experience automating security operations with Python, PowerShell, or Bash
• Strong understanding of vulnerability management, patch governance, and remediation prioritization
• Experience implementing ZTNA and securing hybrid cloud/on-prem environments

Benefits / Employment Details

• Hybrid role based in New York City
• Full-time, permanent with equity packages
• $172,000–$215,000 per year
• Unlimited PTO and employer-subsidized healthcare (Aetna), commuter benefits, in-office lunches, and more