
Senior Information Security Engineer
Automate your job search with Sonara.
Submit 10x as many applications with less effort than one manual application.1
Reclaim your time by letting our AI handle the grunt work of job searching.
We continuously scan millions of openings to find your top matches.

Overview
Job Description
Greetings, future product leader:
Embark on an exciting journey into the realm of product management with 3Pillar! We extend an invitation for you to join our team and gear up for a thrilling adventure. At 3Pillar, our focus is on crafting cutting-edge technologies that revolutionize industries. Do you want to craft strategy, help make better products, and get your hands dirty with release plans and user stories? 3Pillar is looking for a Product Manager to join our growing PM Team. This Product Manager will be a key member of our globall team, working directly with our US clients on mission critical engagements.
The Product Manager is responsible for the overall business success of our clients' software products. In particular, this includes working closely with clients to strategically advise them and build solutions in order to help them solve business problems and propel their business forward. The Product Manager will work closely and partner with global delivery teams (Engineering and Program Management) and the Client Services team to support pre-sales efforts; to consult with clients on business challenges; deliver best of breed products using Agile practices; and drive growth.
Vulnerability & Product Security: Own the end-to-end vulnerability management program across our SaaS products, cloud infrastructure, containers, and endpoints including identification, triage, prioritization, remediation tracking, and reporting. Operate and tune SAST, SCA, and dependency-scanning tooling (e.g., Snyk, GitHub Advanced Security/Dependabot) and partner with engineering teams to drive timely remediation. Monitor runtime and infrastructure telemetry (e.g., Datadog) for security signals; investigate alerts and lead containment and follow-up actions. Track and report on vulnerability SLAs, mean-time-to-remediate, and other security KPIs to leadership. Cloud & Endpoint Security: Enhance the security posture of our Microsoft Azure environment including identity, networking, data, and workloads through configuration hardening, policy enforcement, and continuous monitoring. Administer and improve Microsoft Intune for endpoint configuration, compliance, and mobile device management. Tune and maintain Microsoft Defender (Endpoint, Cloud, and related products) for threat detection, response, and reporting. Implement and operate Microsoft Purview controls for data classification, DLP, and information protection. Governance, Risk & Compliance: Draft, update, and maintain corporate information security policies, standards, and procedures aligned to recognized frameworks (e.g., SOC 2, ISO 27001, NIST CSF). Lead the response to customer and prospect security questionnaires, RFPs, and due-diligence requests, and maintain a reusable response library. Support vendor risk assessments and third-party security reviews. Assist with internal and external audits, evidence collection, and remediation of findings. Security Program & Collaboration: Partner with Engineering on secure SDLC practices, threat modeling, and code review guidance. Contribute to security awareness training, phishing simulations, and a strong security culture across the company. Help mature incident response playbooks and participate in tabletop exercises and on-call rotations as needed.
4-6 years of professional experience in information security, application security, cloud security, or a closely related role. Hands-on experience securing SaaS applications and workloads running in Microsoft Azure. Demonstrated experience with vulnerability management tooling and process including triage, prioritization (e.g., CVSS, EPSS, exploitability context), and driving remediation through engineering teams. Working proficiency with several of the following: Microsoft Intune, Microsoft Defender (Endpoint/Cloud), Microsoft Purview, Datadog, GitHub (Advanced Security, Dependabot, code scanning), and Snyk. Solid understanding of identity and access management concepts, particularly Microsoft Entra ID (Azure AD), conditional access, and least-privilege design. Experience writing or substantially contributing to security policies, standards, or procedures. Experience responding to customer security questionnaires and supporting compliance efforts (SOC 2, ISO 27001, or similar). Strong written and verbal communication skills and able to translate technical risk for both engineers and non-technical stakeholders.
Industry certifications such as CISSP, CCSP, AZ-500, SC-200, SC-100, GCIH, GSEC, or equivalent. Scripting/automation experience (PowerShell, Python, Bash) and familiarity with infrastructure-as-code (Terraform, Bicep, ARM). Experience with container and Kubernetes security. Exposure to threat modeling, secure code review, or penetration testing. Prior experience in a SaaS company or regulated industry.
Automate your job search with Sonara.
Submit 10x as many applications with less effort than one manual application.
