Platform Security Engineer

by | Apr 29, 2025 | Uncategorized

About the Role

Title: Platform Security Engineer

Location: Remote

Job Description:

LogicGate was founded with a rebellious spirit and lofty objective: to build a modern risk management platform that helps our customers grow by transforming business risks into opportunities. Since our founding in 2015, we’ve secured more than $156M in four funding series to help us grow into the company we are today, but we’re not done yet. LogicGate continues to push to lead the GRC category with our flexible and no-code risk management solution.

We are an outcomes-first company. Our success comes from our high-performing teams, so we give you the flexibility to work from where you are. You’ll have the option to be fully remote, work from our headquarters in Chicago, or hybrid unless the role has specific requirements. 

At LogicGate, we believe that the strongest teams are made up of individuals who bring their different identities, backgrounds, ideas, and experiences to the table. We remain committed to fostering an inclusive work environment where all employee differences are celebrated, their ideas matter, and everyone feels safe to bring their authentic selves to work. 

Our Company core values of Be as One, Do the Right Thing, Embrace Curiosity, Own It, Empower Customers, and Raise the Bar guide everything we do – with our customers, our employees, and all we interact with.  We are proud to have been recognized as a Built In, Crain’s Chicago Business, the Chicago Tribune, and more. Visit our website to learn about our latest recognition

We are seeking a Platform Security Engineer to join our Information Security team and help evolve our security program to the next level. This individual will primarily focus on platform and cloud security initiatives—particularly within AWS—while also having the flexibility to rotate through other security domains according to interest, skills, and organizational needs. You’ll work closely with Engineering, DevOps, and our managed security service provider to secure our infrastructure, CI/CD pipelines, and platform architecture. You’ll report directly to our Sr. Manager of Information Security, joining a small but mighty InfoSec team.

What You’ll Achieve

  • Secure Our Cloud Environment
    • Collaborate with Engineering and DevOps to design and maintain secure AWS (or other cloud service provider) architectures.
    • Identify potential cloud configuration and infrastructure vulnerabilities, implement changes via Infrastructure-as-Code (IaC) merge requests, and ensure compliance with industry best practices.
  • Drive Cloud Security & Standards Management
    • Lead vulnerability and configuration management for cloud resources, continuously improving security standards and compliance automation.
    • Collaborate with developers and DevOps to ensure secure designs, threat modeling, and best practices across the stack.
  • Mature CI/CD Pipeline Security
    • Secure our self-hosted and/or managed CI/CD toolchains, applying best practices for secrets management, code integrity checks, and artifact security.
    • Integrate automated security testing and scanning tools into the pipeline to identify and remediate vulnerabilities early.
  • Reporting & Remediation
    • Track and communicate cloud security posture, highlighting progress on remediations, threat mitigation, and overall compliance posture.
    • Participate in on-call escalation for high-severity alerts (supported by a managed service provider for Level 1 triage).
  • Contribute Across the Security Program
    • Rotate through different InfoSec areas (e.g., incident response, policy and governance, enterprise security) as needed or based on interest.
    • Champion modern security practices across teams, providing training, documentation, and mentorship.

The Value You’d Add

  • 4-7 Years of Relevant Experience
    • Prior roles in security engineering, DevOps, IT, or software development. We are also open to non-security professionals interested in transitioning into a dedicated security role.
  • Cloud & Infrastructure Security Expertise
    • Hands-on experience with AWS (or other cloud providers), including provisioning, configuration, and administrative skills.
    • Familiarity with Infrastructure-as-Code tools (e.g., Terraform, AWS CloudFormation, Ansible) and best practices for secure deployments.
    • Knowledge of containerization (Docker) and container orchestration (Kubernetes) security, focusing on identifying and applying best practices for secure image creation and cluster configuration.
  • Cloud Identity & Access Management Background
    • Background with cloud IAM services, including managing roles, permissions, policies, and secure access practices.
  • CI/CD & Automation Know-How
    • Understanding of CI/CD pipelines, common toolchains (GitLab CI, Jenkins, CircleCI, etc.), and methods to embed security checks.
    • Ability to write and troubleshoot scripts or automation to streamline security processes.
  • Broad Security Knowledge
    • Awareness of security threats, controls, and frameworks (e.g., OWASP, CIS Benchmarks, NIST) and how they apply to cloud and application environments, along with familiarity in participating in SOC2 and ISO27001 auditing.
    • Experience or willingness to get hands-on with application security, bug bounties, or red-team engagements, as well as other aspects of the security program including endpoint security, security awareness, and go-to-market activities, a plus.
  • Collaborative & Communicative
    • Strong interpersonal and communication skills, able to translate complex security issues to non-technical stakeholders.
    • Passion for sharing research, writing documentation, and presenting learnings to the technical community.
  • On-Call Readiness
    • Willingness to participate in an on-call schedule for escalated alerts in partnership with our managed security service provider.

APPLY HERE