Staff Security Engineer

What we are looking for

Aurora hires talented people with diverse backgrounds who are ready to help build a transportation ecosystem that will make our roads safer, get crucial goods where they need to go, and make mobility more efficient and accessible for all.

We're searching for a Staff Security Engineer to join our Enterprise Security Engineering team, reporting to the Technical Lead Manager of Security Engineering.

Aurora is scaling its autonomous trucking operations, and the security foundations protecting our employees, devices, internal systems, and data need to scale with us. We're looking for a deeply technical enterprise security engineer who is as comfortable in a code editor as in a security console — you build the systems that make Aurora's security operations possible. This is a role for someone who can architect robust enterprise security solutions, write the code to implement them, and partner across Engineering and IT to make sure security is embedded from the start, not bolted on at the end.

This is not a security operations-only role. It sits squarely in enterprise security engineering, where the work is designing, building, and owning the platforms, integrations, and automation that power Aurora's internal security posture at scale.

In this role you will

• Own the architecture and implementation of Aurora's enterprise security controls — designing the systems and integrations that protect Aurora's endpoints, identities, internal infrastructure, and SaaS environment.
• Design and build Aurora's security telemetry and detection infrastructure, including log pipelines, SIEM integrations, and alerting frameworks — in partnership with the Security Operations Engineer who owns ongoing tuning and rule development.
• Define and enforce enterprise security standards, conducting architecture and design reviews to ensure alignment with Aurora's security posture and risk tolerance.
• Partner with IT, Infrastructure, and Engineering teams to embed security requirements early — shifting left on corporate IT initiatives before they become technical debt.
• Build automation and tooling that extends the capabilities of Aurora's security platforms, reduces manual operational burden, and scales the team's impact.
• Serve as the escalation point for enterprise security incidents requiring engineering-level investigation or remediation, and participate in the team's on-call rotation.
• Translate security strategy into concrete, executable engineering projects with clear milestones and measurable outcomes.

Required qualifications

• 12+ years of hands-on experience in enterprise security engineering or corporate information security — specifically securing employee-facing systems, endpoints, identities, and internal infrastructure (not product or application security).
• Proficiency in at least one programming language, used in a security context — writing production-quality automation, integrations, or internal tooling (the team primarily uses Go; Python is also common).
• Experience architecting and integrating enterprise security platforms — designing API integrations, automating workflows, and building tooling that extends platform capabilities across domains such as EDR/XDR, MDM, IAM/IGA, DLP, SaaS security, cloud security, or PKI.
• Experience designing and building security telemetry pipelines and detection infrastructure — log ingestion, normalization, SIEM integration, and alerting architecture.
• Experience leading cross-functional security engineering projects — defining scope, driving execution, and aligning stakeholders across Engineering and IT.
• Track record of conducting security architecture reviews and translating findings into actionable, risk-prioritized remediation plans.
• Experience evaluating security posture and identifying systemic gaps, with a bias toward building durable solutions rather than one-off fixes.

Desirable qualifications

• Experience with Zero Trust architecture and identity-centric security models (BeyondCorp-style or similar).
• Familiarity with NIST CSF, MITRE ATT&CK, and CIS Benchmarks as engineering inputs — used to inform what to build and how to validate it, not just as compliance checkboxes.
• Hands-on AWS security experience (SCPs, GuardDuty, Security Hub, IAM, etc.) and familiarity with integrating cloud security signals into a corporate security platform.
• Experience with applied cryptography and PKI in a production enterprise environment — certificate lifecycle management, CA design, or secrets management.
• Familiarity with securing AI/ML platforms or applications built on LLMs, RAG pipelines, or MCP-based architectures.
• Security certifications such as CISSP, GCED, GREM, or similar (valued but not required).

The base salary range for this position is $171,000 - $247,000 per Year. Aurora’s pay ranges are determined by role, level, and location. Within the range, the successful candidate’s starting base pay will be determined based on factors including job-related skills, experience, qualifications, relevant education or training, and market conditions. These ranges may be modified in the future. The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits.

#Mid-Senior