[Remote] Security Engineer
Note: The job is a remote job and is open to candidates in USA. Old Republic is a leading specialty insurer that operates diverse property & casualty and title insurance companies. The Security Engineer will play a key role in improving the organization’s overall security posture across cloud environments, applications, and enterprise platforms, collaborating with various teams to design secure systems and implement security controls.
Responsibilities
- Drive security standards, best practices, and tool strategies across cloud platforms, applications, and enterprise systems
- Partner with engineering and architecture teams to design secure systems and applications from the ground up
- Perform security architecture reviews, threat modeling, and design consulting for new and existing systems
- Support both application security and cloud security initiatives, including secure coding, infrastructure security, and identity controls
- Assess current security posture across applications and cloud environments and recommend actionable remediation strategies
- Design and implement solutions for vulnerability management, including scanning of applications, operating systems, containers, APIs, and infrastructure-as-code (IaC)
- Analyze findings from security tools and penetration tests; partner with teams to prioritize and remediate risks
- Support and perform penetration testing and security assessments across applications and cloud environments
- Develop and apply security controls that protect applications, cloud workloads, identities, APIs, and data
- Integrate security into CI/CD pipelines and engineering workflows to enable secure-by-default development practices
- Build automations to detect misconfigurations, enforce security standards, and improve operational efficiency
- Serve as a subject matter expert across multiple security domains, including cloud, application, and emerging areas such as AI security
- Provide consulting and guidance to product, engineering, and business teams in a clear, actionable manner
- Collaborate with governance, risk, and compliance teams to align engineering controls with organizational requirements
- Support the broader Security Engineering team with development and optimization of security tooling and processes
- Stay current on emerging threats, vulnerabilities, and technologies, and recommend improvements to the security program
Skills
- 3–6 years of experience in cybersecurity, security engineering, application security, or cloud security roles
- Bachelor's degree in computer science, Information Systems, or a related field (or equivalent practical experience)
- Experience with at least one major cloud platform (AWS, Azure, or GCP) in a production environment
- Experience in application security practices, such as secure code review, threat modeling, or SAST/DAST tools
- Understanding of secure system design principles, including authentication/authorization, data protection, and service-to-service communication
- Familiarity with cloud and application security tooling (e.g., CNAPP/CSPM, SAST, DAST, container security, secrets management)
- Experience performing or supporting penetration testing and vulnerability assessments
- Knowledge of modern architectures, including microservices, APIs, containers, and serverless technologies
- Experience integrating security into CI/CD pipelines and developer workflows
- Proficiency in scripting or programming for automation (e.g., Python, PowerShell, or similar)
- Strong understanding of security risks and mitigation strategies across both application and infrastructure layers
- Demonstrated ability to collaborate cross-functionally and influence secure design decisions
- Excellent communication skills, including the ability to translate technical risks into business-friendly language
Benefits
- Remote
- Full-Time /Exempt
- Equal employment opportunities to all employees and applicants for employment
- Prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws
Company Overview