Security Engineer

We are seeking a hands-on Principal Security Engineer to join our small, high-impact security team that protects our products, corporate environments, and customers. This is a senior individual contributor role that sits at the intersection of corporate security, incident response, compliance and product security. In this role, you will partner closely with multiple teams to embed security into how we build, operate, and defend HUMAN. Location: USA East Coast or UK

WHAT YOU WILL DO

• Build and automate – Develop scripts, tooling, and infrastructure (e.g., Python code) to automate security controls and workflows. Evaluate and integrate security tooling where it meaningfully improves capabilities or coverage.
• Design and implement automation controls for compliance programs (ISO 27001, ISO 27701, SOC 2, and PCI DSS), including evidence collection, execution, and reporting.
• Build and maintain integrations among security, IT, and cloud tools (e.g., SIEM, EDR/MDR, SOAR, ticketing, asset inventory) using APIs, webhooks, and SDKs.
• Own technical delivery for security projects, from design and prototyping through implementation, documentation, and handoff.
• Create and maintain reusable libraries, scripts, and modules that the security team and IT can use to standardise how we talk to common platforms.
• Partner with Incident Response – Design and implement logging and detection content needed to support high-quality investigations. Participate in incident response efforts as a senior technical responder and adviser. Support security operations and incident response as an engineer when needed, for example, by building collection scripts, queries, or ad hoc tooling to answer investigation questions.
• Architect and improve controls across endpoint, identity, and SaaS environments (e.g., Okta/Google, Cyera, CrowdStrike).
• Help define and implement baseline security configurations for corporate systems and services. Encode policies and standards into technical guardrails where possible, reducing reliance on manual checks and spreadsheets.
• Collaborate with IT – Automate provisioning, hardening, and continuous monitoring in support of the identity lifecycle. Build and maintain automation for organizational changes (join/move/leave) and monitoring of organizational drift.
• Raise the security bar by working cross functionally to translate HUMAN’s policies and audit requirements into clear, understandable controls and runbooks, and by defining practical metrics that reflect how those controls are operating in production.

WHO YOU ARE

• 7+ years of experience in information security or software engineering roles such as security engineer, platform engineer, or GRC engineer, with clear responsibility for building and automating security controls.
• Strong familiarity with modern cloud environments (AWS, GCP, or Azure) and their security controls.
• Strong coding or scripting skills in at least one language (for example, Python, Go, etc.) working with APIs, automation, and infrastructure as code.
• Practical experience with at least some of:
• Identity and access management (SSO, SAML/OIDC, RBAC, least privilege, automation workflows)
• Endpoint security and configuration management
• Logging/SIEM and detection automation
• Familiarity with governance, risk, and compliance frameworks (such as ISO 27001, ISO 27701, SOC 2, or PCI DSS), and an interest in encoding those requirements into technical controls and workflows.
• Comfortable working with common security and IT tooling (for example, IAM, SIEM, EDR/MDR, ticketing, asset inventory) and stitching them together into coherent workflows.
• Comfortable working in ambiguous, fast moving environments, prioritizing impact, and driving work to completion in a small, high ownership team. Clear, concise communicator who can explain designs, tradeoffs, and implementation details and influence both technical and non-technical stakeholders.

About HUMAN Security

HUMAN was founded in a Brooklyn sci-fi bookstore with a hacker mindset and the lofty mission of making the internet safer by putting humans first. Today, our Human Defense Platform safeguards enterprises from sophisticated bots, fraud, and account abuse, verifying the humanity of more than 20 trillion interactions per week for the world’s biggest brands and internet platforms.

HUMAN is an equal opportunity workplace dedicated to protecting the internet's integrity for everyone. We believe in putting people first, embracing diversity of thought from our global teams, and welcoming all individuals to share their unique experiences as we fight cybercrime together. We support our Humans with a comprehensive total rewards package for personal and professional development, including well-being and learning stipends, flexible work options, and dedicated time off. While our HQ is in NYC, we have teams worldwide.

HUMAN is growing fast, and there’s never been a more meaningful time to join us. If you thrive on solving complex problems and want to help shape the future of cybersecurity, join us as we build a safer, more human internet.

If you are an individual with a disability or special need that requires accommodation, please contact us directly.