Senior Engineer – Cloud Security

This is a remote position.

About the Role

First Due, an industry-leading public safety SaaS company, is searching for an experiencedSenior Engineerwith deepcloud security expertiseto help strengthen and scale the security posture of our mission-critical SaaS platform. This role sits at the intersection ofinfrastructure, security, and compliance, and will play a key part in preparing our organization to meetNIST 800-53and other regulatory frameworks, including SoC 2 Type II, PCI DSS and others.

The ideal candidate will combine a strong technical foundation in AWS infrastructure with hands-on security engineering experience, exceptional attention to detail, and the ability to communicate effectively with both internal teams and customers.

Key Responsibilitie

• Lead cloud security initiativesacross AWS infrastructure, ensuring alignment with best practices, company policies, and NIST 800-53 requirements.
• Design and implement secure infrastructure patterns, including network segmentation, encryption, IAM policies, and secrets management.
• Collaborate with engineering, product, and compliance teamsto build security into every layer of our SaaS platform lifecycle.
• Own the cloud security roadmap, driving projects to improve observability, vulnerability management, and overall risk reduction.
• Prepare and guide the company through NIST 800-53 readiness, including documentation, evidence gathering, and control implementation.
• Respond to customer security questionnaires and audits, providing detailed, accurate, and timely responses that represent the company’s security posture.
• Develop and maintain security automation and monitoring systems, leveraging tools such as AWS Config, GuardDuty, Security Hub, or third-party solutions (e.g., Wiz, Prisma Cloud, Datadog Security).
• Establish and enforce least-privilege IAM policiesand conduct regular access reviews.
• Improve system observability and reliabilitythrough enhanced logging, metrics, and alerting for security and infrastructure health.
• Partner with engineering teamsto perform secure code reviews, threat modeling, and security design reviews for new features.
• Assist with incident response, root cause analysis, and post-incident reviews to strengthen system resilience.
• Mentor peers and promote a culture of security-first engineeringacross the organization.

Key Qualifications and Experience:

Required:

• 5–8+ years of experience incloud infrastructure or DevOps engineering, with a strong focus onAWS(EC2, RDS, ElastiCache, IAM, CloudFormation/Terraform, VPC, KMS, etc.).
• Proven experience implementingcloud security best practices—including network hardening, encryption, key management, and vulnerability remediation.
• Deep familiarity withsecurity frameworks(e.g., NIST 800-53, FedRAMP, SOC 2, ISO 27001, CIS Benchmarks).
• Experience responding tocustomer security assessments and due diligence questionnaires.
• Hands-on experience withmonitoring and observability tools(CloudWatch, Datadog, Prometheus, etc.) andSIEM/SOC integrations.
• Strong understanding ofPostgreSQL security and database hardeningin a cloud environment.
• Solid scripting or automation skills (Python, Bash, or similar) for infrastructure security automation.
• Excellent written and verbal communication skills — especially in explaining security controls to non-technical stakeholders and customers.
• A mindset that balancessecurity, performance, and scalability.
• A passion for solving complex problems at the intersection of infrastructure and security.
• Strong cross-functional collaboration skills with compliance, legal, product, and customer teams.
• The ability totranslate technical controls into clear business valueand compliance evidence.
• Initiative and ownership to identify vulnerabilities and drive mitigation end-to-end.

Preferred

• Experience participating in or preparing forFedRAMP,SOC 2,ISO 27001, or similar compliance audits.
• Background inthreat detection,incident response, orforensicsin cloud environments.
• Familiarity withcontainer security(EKS, ECS, or Kubernetes security hardening).
• Security certifications such asAWS Certified Security – Specialty,CISSP, orCCSP.
• Prior experience in aSaaS companyorhighly regulated industry(government, healthcare, finance).

We welcome a diverse workforce! If you don’t fit all the qualifications for the job listed above but feel you bring unique experience and perspective that would serve this role and First Due well, we encourage you to apply.

Allapplicants must be authorized to work for any US employer in the United States. Locality Media Inc. is unable to sponsor or transition sponsorship ownership of employment visas at this time. Hiring is contingent upon candidates successfully passing a criminal background check.As part of the I-9 verification of authorization to work in the US, Locality Media Inc. participates in E-Verify.

Physical Demands and Work Environment

This role is fully remote with minimal travel expectations at this time.Reasonable accommodation may be made to enable qualified employees and applicants to perform the essential functions as outlined above. If you require an accommodation during the interview process, please reach out topeople@firstdue.com.

Working at First Due

First Due offers a comprehensive compensation and benefits package for eligible employees, including competitive pay, medical, dental, and vision coverage, FSA/HSA, 401(k), flexible PTO, a fully remote workplace, a technology stipend, opportunities for advancement, and other benefits and perks that sets our team apart. Visitwww.firstdue.comto learn more.

If you are a resident of a state requiring wage transparency, please reach out topeople@firstdue.comfor a reasonable estimate of annual base compensation and any eligible incentive compensation.The actual compensation offered to successful candidates for roles may be higher or lower, based on non-discriminatory criteria including but not limited to relevant professional experience, geographic location, knowledge, skills, and abilities.This range will be reviewed on a regular basis.

About First Due

First Due is re-imagining Fire and EMS by providing a modern cloud-based platform that allows agencies to run their entire operation in one place. From Fire Prevention, Pre-Incident Planning, Incident Reporting, Scheduling, Asset Management, Reporting, Response and more, First Due is leading the public safety software industry through next-generation technology and innovation.

Locality Media LLC First Due is an equal opportunity employer. We do not discriminate in any aspect of employment on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status, or any other protected status or class.We are committed to promoting an environment of respect, acceptance, diversity and inclusivity, and equal opportunity. Discrimination and harassment of any type in any form will not be tolerated.

When you apply for a role at Locality Media, we will collect some personal data, including information from your application, resume, or LinkedIn profile. This information is used during the interview and candidate evaluation process for opportunities at First Due and is only shared internally.Please review our candidate privacy noticehere.