Security Engineer

Lawrence Harvey is partnered with an Austin-based fintech start-up to build their Security Engineering team. This role is focused on strengthening and scaling a modern security program in a high-growth, cloud-native environment. You’ll work closely with executive security leadership to translate strategy into hands-on execution, building controls, improving visibility, and ensuring the organization can move fast without compromising security or compliance.

Responsibilities:

Security Architecture & Tooling

• Implement and manage security controls across cloud infrastructure, endpoints, identity systems, and applications
• Enforce and optimize controls such as SSO/MFA, endpoint management (MDM), endpoint detection and response (EDR), data loss prevention (DLP), and secrets management
• Integrate security tools across the environment to ensure they are not just deployed, but fully operational, measurable, and audit-ready
• Execute against a security roadmap spanning infrastructure, risk, and day-to-day operations

Vulnerability Management

• Own the end-to-end vulnerability lifecycle, including scanning, prioritization, remediation tracking, and validation
• Ensure timely patching across cloud services, systems, and endpoints
• Maintain visibility into service accounts, API keys, and other non-human identities, including ownership and rotation practices

Detection & Response

• Develop and refine detection capabilities across cloud platforms and endpoints
• Continuously test and validate alerting pipelines to ensure coverage and reliability
• Investigate suspicious activity, triage alerts, and communicate findings clearly to leadership

Automation & Scalability

• Reduce manual overhead by automating repetitive security workflows, evidence collection, and alerting processes
• Identify gaps in the current security posture and propose practical, scalable improvements
• Contribute to building a security function that scales efficiently with company growth

Governance, Risk & Compliance

• Align technical implementations with compliance requirements and internal policies
• Support audit readiness by maintaining clear, structured, and timestamped evidence
• Assist with control mapping and gap assessments against frameworks such as SOC 2

Core Experience

• 3-5+ years of hands-on experience in security engineering within cloud-first environments
• Strong familiarity with AWS security tooling, including IAM, CloudTrail, GuardDuty, Security Hub, and Secrets Manager
• Experience implementing and managing IAM/PAM systems
• Working knowledge of CSPM solutions such as Wiz, Prisma Cloud, or similar
• Exposure to application security tooling (SAST/SCA) and CI/CD integrations
• Ability to produce clear, audit-ready documentation and evidence
• Experience supporting a SOC 2 audits