Senior Security Engineer

Creative Realities, Inc.
Louisville, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Louisville, United States of America

Tech stack

Amazon Web Services (AWS)
Computing Platforms
Azure
Cloud Computing
Cloud Computing Security
Computer Security
Identity and Access Management
IT Management
Intrusion Detection and Prevention
Systems Development Life Cycle
Cloud Services
Security Information and Event Management
Software Engineering
Systems Integration
Software Vulnerability Management
Enterprise Software Applications
Information Technology
CIS Benchmarks
Security Orchestration, Automation & Response

Job description

The Senior Security Engineer (SSE) is responsible for designing, implementing, and continuously improving the security posture of Creative Realities' cloud infrastructure, enterprise systems, and software platforms. This hands-on technical leadership role partners with Cloud Operations, IT, Engineering, Product, and Client Services to ensure the confidentiality, integrity, and availability of company and customer environments., The SSE is responsible for maintaining and continuously improving CRI's SOC 2 Type II security program, strengthening cloud security across AWS and Azure, integrating security into the Secure Software Development Lifecycle (Secure SDLC), and leading security operations, incident response, vulnerability management, identity and access management, and security automation initiatives. The SSE will work independently with direction from the VP of Cloud Operations and Security while serving as a trusted security advisor to internal teams and customers., * Maintain and continuously improve CRI's security program while supporting ongoing SOC 2 Type II compliance and applicable security frameworks.

  • Design, implement, and enforce security controls across AWS, Azure, and enterprise IT environments.
  • Lead vulnerability management, remediation tracking, and risk prioritization.
  • Manage Identity and Access Management (IAM), including SSO, MFA, privileged access, and least-privilege controls.
  • Develop, maintain, and lead incident response plans, security investigations, post-incident reviews, and forensic activities.
  • Partner with Engineering and Product teams to integrate security throughout the Secure Software Development Lifecycle (Secure SDLC).
  • Lead security architecture reviews for new cloud services, applications, and infrastructure.
  • Manage and improve SIEM, EDR/XDR, cloud security monitoring, and threat detection capabilities.
  • Develop security automation to improve operational efficiency, monitoring, and compliance validation.
  • Support customer security reviews, RFP responses, security questionnaires, and client assessments.
  • Conduct internal security reviews and support external audits.
  • Develop and deliver security awareness training and mentor technical staff on security best practices.
  • Evaluate emerging threats and recommend improvements to CRI's overall security posture.

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • 5+ years of progressive experience in cybersecurity, cloud security, or security engineering.
  • Experience maintaining mature security programs supporting SOC 2 Type II, ISO 27001, NIST CSF, or CIS Controls.
  • Strong experience securing AWS and Azure cloud environments.
  • Experience with SIEM, EDR/XDR, IAM, vulnerability management, endpoint security, WAF, encryption, and cloud security technologies.
  • Experience supporting customer audits, security questionnaires, and third-party risk assessments.
  • Excellent written and verbal communication skills with both technical and business stakeholders.

Required / Preferred Certifications

Required:

  • CISSP, CISM, or equivalent security certification.

Preferred:

  • AWS Certified Security - Specialty
  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • Certified Cloud Security Professional (CCSP)
  • GIAC security certifications

Key Competencies / Behaviors

  • Professional demeanor with unquestionable integrity
  • Technical leadership and mentoring
  • Excellent problem-solving and analytical thinking
  • Ability to communicate security risks to executive leadership
  • Strong project management and collaboration skills
  • Self-motivated with a continuous learning mindset

Benefits & conditions

Pulled from the full job description

  • 401(k)
  • 401(k) matching
  • Paid time off
  • Vision insurance
  • Dental insurance
  • Disability insurance
  • Paid holidays, * Company paid individual portion of medical, Life, Long and Short-Term Disability insurances;
  • Access to participate in company dental and vision insurance programs;
  • 401(k) program, including company paid match of up to 3% of annual salary; and
  • Paid time off and holiday pay.

About the company

Creative Realities, Inc. (www.cri.com, NASDAQ: CREX) is a creative technology company focusing on bringing digital experiences to retail environments, designed to enrich and inspire the consumer journey. Our strong design and strategic discipline uniquely position us to guide Fortune 100 Brands and Retailers on how best to apply technology in function of marketing, store, or customer objectives. Our end to end offering enables us to execute what we recommend: from design and app development, thought to deployment on site - and provide ongoing content and support to virtually any type of environment., * Passionate: We are a group of passionate people. This is the best way to describe TEAM CRI. We work hard and we are proud of the results we produce each and every day. And, we have some fun along the way! * Respectful: We value diversity and unique contributions. We foster a trusting, open and inclusive environment. We treat our clients, partners and our team in a manner that reflects these values. * Do the Right Thing: We do what we say we will do. Our actions shall always be fully transparent and genuine. Our dealings with clients, co-workers and partners must always be conducted with honesty. * Helps First: We are stronger when we work together. We help first, no matter what-whether it's with our clients or our internal teams. * Nimble Minded: When conventional thinking and processes fail, we want to be the first to provide fresh ideas and solutions. We break through adversity and respond quickly. * Expects Excellence: What we deliver is what we will be measured on. We are committed to getting it right.

Apply for this position