Senior Security Engineer

Propeller is on a mission to take the guesswork out of moving dirt - reducing wasted fuel, time, and money. We do this through the power of maps.

Our customers use Propeller’s integrated hardware and software products to capture accurate 3D versions of their worksites. With over 50,000 worksites worldwide using Propeller’s smart survey technology, we empower project teams to map, measure, and manage site activity.

Propeller empowers everyone to approach, own, and solve problems creatively. We’re data nerds who care about impact, honesty, and each other. We take pride in being a great place to work and are proud to be recognised asFast Company a andBuiltIn Best Place to Work. You can learn more about us onGlassdoor

Your Mission

We’re looking for a hands-on Senior Security Engineer to strengthen security across our cloud infrastructure and application stack. You’ll work closely with our Infrastructure Manager and Principal Architect, your focus is to go deep on the day-to-day security craft.

Leveraging our modern stack, you’ll help secure complex geospatial data in the cloud for customers in regulated industries. We’re GDPR compliant and hold our SOC 2 Type II; you’ll help us maintain and strengthen that foundation as we scale across the US, EU, and AU and grow our compliance certifications.

Day to day responsibilities

• Hands-on security across our cloud infrastructure (AWS, Kubernetes, containers), application security.
• Contribute to defining our security roadmap.
• Performing secure architecture and design reviews, and contributing to secure-by-default tooling and paved roads.
• Running vulnerability management process, triage, prioritise, and drive remediation with engineering teams.
• Define how we secure AI at Propeller.
• Participating in security incident response.
• Supporting our SOC 2 Type II program and improving our compliance posture as we add more certifications, such as ISO:27001, fedRAMP 20x.
• Helping coordinate the annual third-party penetration test and turning findings into shipped fixes.

We care more about depth and judgment than checklists, but to be effective here you'll need solid experience across most of the following:

• Cloud and infrastructure security: AWS, Kubernetes, Linux and networking fundamentals.
• Application security: Secure design review and familiarity with shift-left tooling.
• Detection and response: Comfortable with logging, alerting, and handling security incidents in a cloud-native environment.
• Code and tooling: You can write Python, TypeScript or bash well enough to automate the security work in front of you.
• Compliance fluency: Exposure to security compliance programs and how controls work in practice. Familiarity with SOC 2 and GDPR.
• Communication: You work well with engineering teams, write clearly, and bring people with you.
• Pragmatism: You make sensible tradeoffs between risk and velocity, and design controls that teams adopt rather than resist

Bonus points for

• Expertise with application, container, Linux and network security.
• Experience working inside a SOC 2 Type II or ISO program.
• Familiarity with AI tooling and development.
• Familiarity with OWASP Top 10, CWE or NIST frameworks.
• Relevant certifications (e.g. CISSP, AWS security certifications, or similar)

• Employee share options
• Professional development budget and leave
• The opportunity to take part in our mentorship program
• Mental health resources 
• Monthly telephone and/or internet allowance
• Paid primary & secondary parental leave policies 
• Hybrid work arrangements and WFH equipment provided

About Propeller

Propeller is for everyone, so come as you are. We value all types of experience, skill, and ability.  If you don’t think you meet all the requirements, but still think this role would be a good fit, we’d love to hear from you.

Diversity makes our team more creative, fun, and effective, so bring your whole self to the application process, and we will too!

If you’re interested in what life at Propeller is like, check out our employee-ownedMedium blog page!