Security Engineer, Product Security

About Cape

Cape is America’s privacy-first mobile carrier. Our mission is to be a force for good in global wireless. Cape was founded in 2022 by people who believe privacy is a fundamental right, not a luxury to be traded away. Our journey began when our founder recognized a critical vulnerability in our modern world: everyone relies on the same stagnant cellular infrastructure and legacy systems that track our every movement, monitor and profile our connections, and lose and sell our personal data. Instead of accepting the status quo, we decided to fix it. National security professionals, journalists, parents, and everyone in between can stay connected and have privacy. We didn’t just build a layer on top of old tech; we built America’s most private and secure mobile carrier from the ground up. By building our own network from scratch, we are able to design and build a suite of privacy and security features that no other carrier on the planet can offer.

The Role

We are seeking an experienced Security Engineer with a specialization in product security to join our team. As a strategic partner, you will make an immediate impact by leveraging your expertise in cloud and application security. This role is pivotal in reducing risk across our AWS cloud environments, mobile core infrastructure, and mobile applications. You will be responsible for designing, implementing, and that comply with regulatory standards, enhance internal processes, and minimize data security risks. Through developing ongoing security strategies and technologies, you will support the organization's business objectives and daily operations.

Responsibilities

• Design, implement, and manage robust security controls and policies within AWS, focusing on the confidentiality, integrity, and availability of data and services.
• Perform comprehensive security assessments of our cloud environments to identify vulnerabilities, assess risks, and recommend actionable mitigation strategies.
• Lead the integration of security practices into the DevOps lifecycle, promoting secure development, deployment, and operational processes.
• Utilize and optimize AWS security tools (such as Amazon GuardDuty, Amazon Inspector, AWS IAM, AWS KMS, AWS WAF, and AWS Shield) and explore third-party solutions to bolster our security posture.
• Assist in running and address findings from penetration tests and security audits, and ensuring prompt and effective remediation.
• Stay informed about the latest security threats, vulnerabilities, and compliance mandates affecting cloud environments, provide strategic guidance on technologies and best practices.
• Provide expert mentorship to junior security team members and engineers across the company, to foster an organizational culture of security awareness and continuous improvement.
• Collaborate with stakeholders to integrate security requirements effectively into engineering projects and broader business initiatives.

Preferred Experience

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience), Advanced degrees or certifications (e.g., CISSP, AWS Certified Security Specialty) are advantageous.
• A minimum of 5 years of experience in information security, with at least 3 year