Sr InfraSec Engineer

Auction Technology Group PLC

NY

JOB DETAILS
SALARY
$135,000–$150,000 Per Year
SKILLS
Amazon Web Services (AWS), Analysis Skills, Automation, Bash Scripting, Benchmarking, Change Control, Cloud Architecture, Cloud Computing, Code Reviews, Communication Skills, Compensation and Benefits, Computer Security, DevOps, Document Management, Documentation, Embedded Systems, Engineering, Establish Priorities, GCIH - GIAC Certified Incident Handler, IR (Infrared), ISO (International Organization for Standardization), Incident Management, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Auction Software, Leadership, Legal, Machine Tool, Microsoft Windows Azure, Multiplatform/Cross-Platform, Network Access Control (NAC), Network Configuration Management, Network Security, Operational Audit, Operations Management, Options Analysis, PCI-DSS, Program Evaluation, Project/Program Coordination, Proof of Concept, Purchasing/Procurement, Python Programming/Scripting Language, Risk, Sales Pipeline, Scripting (Scripting Languages), Security Architecture, Security Attacks, Security Compliance, Security Information and Event Management (SIEM), Security Monitoring, Software Engineering, Software Patches, Source Code/Configuration Management (SCM), Standard Operating Procedures (SOP), Supply Chain, Systems Administration/Management, Team Player, Technical Writing, Telemetry, Training Program, U.S. National Institute of Standards and Technology (NIST), Vendor/Supplier Evaluation, eCommerce
LOCATION
NY
POSTED
22 days ago

Vacancy Name: Sr InfraSec Engineer
Vacancy No: VN386
Status: Active
Location: Remote US
Location Country: United States
Location Region:
Location City:

Description

The Role

Auction Technology Group operates a portfolio of online auction and marketplace platforms globally, running across a multi-cloud AWS and Azure environment with a broad and technically interesting attack surface. Our security team is growing, and this role is a key addition: a hands-on infrastructure security engineer who will own cloud security posture, security monitoring and detection, incident response, and perimeter security across ATG's platform estate.

You will work closely with the Director of Information Security, the Head of DevOps, the Senior InfoSec Engineer, and engineering leadership across ATG's platforms. This is a builder role with real ownership and direct impact. The work is visible, the environment is complex, and the people you will work alongside are strong. If you want to operate a mature, fully-defined stack, this is probably not the right fit. If you want to own infrastructure security in an environment that will challenge you and where your fingerprints will be on everything you build, keep reading.

Key Responsibilities

Security Monitoring and SIEM

You will lead ATG's security monitoring and detection capability, owning the full stack from log ingestion through to alerting and response.

  • Lead the evaluation, implementation, and ongoing operation of ATG's SIEM platform across a multi-source log environment spanning WAF, IAM, cloud infrastructure (AWS and Azure), identity platforms, device telemetry, container orchestration, and source control.
  • Design and build the log ingestion pipeline, normalize data across sources, and develop the detection rule library that gives ATG meaningful security observability.
  • Own alert tuning, coverage expansion, and detection quality on an ongoing basis: reducing noise, improving fidelity, and ensuring the right alerts reach the right people at the right time.
  • Evaluate SIEM platform options in partnership with the Director of Information Security and Head of DevOps, bringing a well-reasoned recommendation to procurement.

Cloud Security and CNAPP

You will own ATG's cloud security posture across AWS and Azure, leading the CNAPP program from evaluation through to operational maturity.

  • Drive CNAPP platform evaluation and implementation: own the POC process across candidate vendors, drive the procurement decision in partnership with the Head of DevOps, and build the operational program from the ground up.
  • Manage cloud security posture across ATG's AWS and Azure estate: misconfiguration detection, resource inventory, compliance posture reporting, and remediation tracking in partnership with DevOps and engineering.
  • Own cloud infrastructure vulnerability and patch management for the server and container estate.
  • Partner with the Head of DevOps on cloud security architecture decisions, ensuring security requirements are embedded in infrastructure design rather than bolted on after the fact.
  • Own infrastructure vulnerability management: surface findings from the CNAPP platform, risk-rate them, assign ownership, track remediation with DevOps and engineering, and maintain an evidence trail that supports the GRC Analyst's compliance reporting.

Cloud Governance

You will define and maintain the standards and guardrails that keep ATG's cloud environment secure, consistent, and auditable as the platform estate grows.

  • Define and implement cloud security standards across ATG's AWS and Azure estate: resource tagging, network segmentation, identity and access baselines, and configuration standards aligned to recognized benchmarks.
  • Evaluate and implement cloud security compliance tooling in partnership with the Head of DevOps, ensuring security requirements are built into infrastructure provisioning rather than assessed after the fact.
  • Maintain cloud governance documentation and evidence to support GRC-led compliance programs including PCI DSS and IT general controls.

Incident Detection and Response

You will serve as ATG's internal security engineering anchor for detection and response, working in close partnership with the MDR provider and the broader security team.

  • Serve as the internal security engineering counterpart to ATG's MDR provider: own detection tuning, alert triage, escalation workflows, and the feedback loop that keeps detection coverage improving over time.
  • Develop and maintain incident response playbooks for infrastructure-layer threats: cloud compromise, credential theft, lateral movement, supply chain incidents, and insider threat scenarios.
  • Lead forensic preservation and investigation for infrastructure-layer security events, coordinating with the Director of Information Security, Legal, and external partners as required.
  • Conduct post-incident reviews, translate findings into detection improvements and control gaps, and drive those gaps to closure.
  • Contribute to ATG's incident response program: maintain and test IR playbooks, participate in tabletop exercises, and ensure the technical response capability is documented and rehearsed rather than improvised under pressure.

WAF and Perimeter Security

You will own ATG's perimeter security controls across its platform estate, ensuring the organization's exposure to automated and network-layer threats is actively managed.

  • Drive WAF platform evaluation and implementation: lead a WAF consolidation project including the POC process across candidate vendors, drive the procurement decision in partnership with the Head of DevOps, and build the operational program from the ground up.
  • Own operational management and tuning of ATG's WAF estate across marketplace platforms, including rule development, blocking mode configuration, and bot control tuning against credential stuffing, scraping, and other automated threats.
  • Maintain perimeter security posture across ATG's cloud networking configuration: security group hygiene, network-layer access controls, and NACL management across AWS properties.
  • Monitor and respond to perimeter-layer threat intelligence, adjusting controls proactively as the threat landscape evolves.

Technical Documentation and NIST Alignment

You will contribute to technical documentation and control evidence that underpins ATG's security program maturity and supports the broader compliance function.

  • Own infrastructure security architecture documentation, runbooks, and SOPs maintained to a standard that other engineers can operate independently.
  • Own technical control documentation and evidence aligned to the NIST CSF framework, supporting ATG's security program validation milestones and providing the technical foundation for GRC-led compliance programs.
  • Partner with the Senior GRC Analyst on the technical inputs to PCI DSS, GDPR, and CPRA compliance programs where infrastructure controls are in scope.
  • Support the security awareness training program by contributing technical content and subject matter expertise, ensuring training reflects the real threat landscape ATG faces.

Key Requirements

Technical Skills and Experience

Essential

  • 5 to 8 years of infrastructure security or detection engineering experience, including deep, hands-on SIEM implementation or operation at meaningful scale: architecture, log ingestion pipeline design, detection rule development, and alert tuning. Experience leading a platform evaluation or migration is a strong signal.
  • Hands-on cloud security experience across AWS and/or Azure: IAM policy hygiene, cloud-native security tooling such as GuardDuty or Defender for Cloud, infrastructure-as-code security review, and cloud networking controls.
  • Experience with CNAPP, CSPM, or cloud vulnerability management tooling: Wiz, Orca, Upwind, Prisma Cloud, or equivalent. POC or procurement experience is a differentiator.
  • Demonstrated incident response experience: forensic preservation, log-based investigation, playbook development, and post-incident review.
  • WAF operational experience: rule development, bot control configuration, and tuning against automated threats including credential stuffing and scraping.
  • Scripting proficiency in Python, Bash, or equivalent for security operations automation.

Highly Desirable

  • Experience in a marketplace, e-commerce, or payments environment with PCI DSS scope considerations.
  • Hands-on experience with an enterprise EDR or MDR platform: tuning, coordination with managed detection providers, and detection engineering integration.
  • Container and Kubernetes security experience: network policy, image scanning, and runtime security controls.
  • Familiarity with software supply chain security controls: dependency management, artifact signing, lockfile enforcement, and software composition analysis.
  • Experience evaluating and implementing cloud security and detection tooling - comfort assessing vendor options, running proof-of-concept engagements, and building programs around the right tools for the environment.
  • Relevant certifications in cloud security, detection engineering, or incident response: AWS Security Specialty, GCIH, GCFE, or equivalent.
  • Experience contributing technical control evidence to NIST CSF, ISO 27001, or SOC 2 compliance programs.

How You Work

ATG is a lean security team operating across a technically complex, multi-platform environment. You will work closely with the Director of Information Security, the Head of DevOps, the Senior InfoSec Engineer, and engineering leadership across ATG's platforms. Technical depth is essential. So is the ability to communicate clearly with people who are not security specialists.

  • You take ownership of your domains and stay ahead of the work. You notice gaps, prioritize them, and drive them to resolution without waiting to be directed.
  • You are comfortable in environments where the full stack is not yet defined. You have built before, you know what good looks like, and you can make progress without a complete picture.
  • You communicate well across technical and non-technical audiences. You can write an incident update that Legal can act on and explain detection logic that engineering can review.
  • You approach security problems by understanding the threat before reaching for the tool. That instinct shapes how you prioritize and what you build.
  • You are collaborative. ATG's security program involves close coordination across Security, DevOps, IT, Engineering, and Legal. A strong individual contributor who makes the team around them better is the profile we are hiring for.

Auction Technology Group is committed to fair and equitable compensation practices.

The pay range for this role is $135,000 to $150,000. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. This may be different in other locations due to differences in the cost of labor.

The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans.

Employment Type: Permanent
Duration: Permanent
Business Name: Proxibid
Function Name: Technology

About the Company

Auction Technology Group PLC