Sr. Information Security Engineer - Remote role open to applicants in the USA
BigPanda is looking for an experienced security professional to help lead and execute BigPanda’s information security efforts. This is a hands-on, high-impact contract role focused on both tactical and strategic initiatives across product, IT, vendor, and enterprise security.
You will play a key role in representing BigPanda’s security posture to our customers. That means clearly communicating our practices and controls, answering detailed security questions, and listening carefully to customer requirements and concerns. You will need to be comfortable in customer-facing settings, such as architectural review boards and vendor risk assessments, and be able to respond to customers with clarity and confidence.
Internally, you will be responsible for designing, implementing, and managing security controls across the company. You’ll assess and report on their effectiveness, and contribute to decisions through risk assessments, dashboards, and metrics. You’ll also ensure that our practices align with SOC 2 Type II and other relevant compliance frameworks.
Given BigPanda’s focus on building AI-enabled and agentic SaaS applications, deep AI security expertise is essential. You must understand the security challenges and requirements of modern AI application architectures, including components like LLMs, RAG pipelines, vector databases, chain-of-thought reasoning, prompt management, monitoring, and Model Context Protocols (MCPs). This role will help define and enforce security practices that ensure these AI systems operate safely, reliably, and in compliance with privacy and governance requirements.
This role requires broad, hands-on experience across a range of security functions and the day-to-day operation of security tools and processes.
Responsibilities
- Act as a subject matter expert in the development, implementation, and oversight of BigPanda’s information security and privacy program
- Maintain and mature the company’s security posture and ensure compliance with applicable frameworks and regulations
- Monitor the external threat landscape and advise on detection and remediation of emerging threats
- Develop and implement governance controls for AI systems, ensuring secure use of AI technologies in compliance with data protection and privacy standards
- Investigate potential security incidents and lead response efforts
- Coordinate external security audits, including SOC 2 and penetration testing activities
- Evaluate third-party vendors’ security, privacy, and business continuity programs
- Partner with internal teams to conduct company-wide and vendor risk assessments and maintain the risk register
- Respond to customer security inquiries, questionnaires, and annual risk reviews
- Identify and mitigate issues related to security events, compliance gaps, infrastructure vulnerabilities, and team operations
- Lead the vulnerability management program, including scanning, assessment, and remediation
- Review new technologies and vendors for security risks and areas of improvement
- Work closely with DevSecOps, DevOps, and R&D teams to align security with product development
- Maintain documentation and requirements for incident response, disaster recovery, business continuity, and impact analysis
- Oversee access provisioning for company systems
- Manage and support daily operations of security tools and controls (e.g., endpoint protection, DLP, email security, encryption, firewalls, log monitoring)
Qualifications
- Strong interpersonal and communication skills with the ability to work across internal teams and with external customers
- Confident presence in executive and customer-facing meetings as a trusted security advisor
- Ability to translate technical security concepts into business terms for leadership
- Experience securing AI systems, including knowledge of model risk, prompt injection, data governance, and safe deployment practices in enterprise environments
- Knowledge of AI infrastructure and application components
- Deep experience in cloud security (AWS) and general IT system controls
- Experience configuring and monitoring Cloudflare ZTNA and WAF
- Experience using Wiz or similar CSPM, SAT, and Threat Detection tools
- Broad knowledge of security domains, including network architecture, encryption, systems and database security
- Experience with SaaS environments and infrastructure as code, CI/CD pipelines, Kubernetes, MongoDB, Elastic, and Kafka
- Solid understanding of security frameworks and SOC 2 Type II requirements
- Demonstrated success in creating and delivering security awareness and training programs
- Strong organizational, analytical, and problem-solving skills
- Comfortable leading projects and working independently
Preferred Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
- CISSP, CISM, CISA, or other relevant security certifications
- 10+ years of technical experience in cloud application security or cloud infrastructure security at a SaaS company
About Us:
BigPanda delivers AI-powered IT operations and incident management. We enable enterprise IT to keep their digital world running by fixing reactive and chaotic processes. Our enterprise SaaS platform transforms IT noise into insights for faster detection & triage, and surfaces siloed knowledge into situational awareness for faster investigation & remediation. BigPanda increases the speed and productivity of Ops and Incident management teams, which is why the world's most trusted brands rely on BigPanda to improve operational efficiency and deliver exceptional service reliability to their customers.
BigPanda is backed by top-tier investors including Sequoia, Mayfield, Battery, Insight Partners, Advent International, and Greenfield Partners.
We have an awesome team of motivated, knowledgeable, fun-loving, and friendly Pandas. We provide comprehensive health coverage, parental leave, competitive cash and equity compensation, and a supportive, collaborative, and innovative environment to empower you to do the best work of your career.
Our Benefits:
- Competitive equity
- Remote-first environment
- Unlimited PTO
- Twelve (12) paid holidays throughout the year
- Comprehensive health benefits
- #PandaParent support. Financial assistance for fertility, adoption, and surrogacy expenses as well as a combined total of eighteen (18) weeks fully paid leave for all new parents
- Financial planning services
- Employee learning & development budget
- Values-based recognition (quarterly and annually)
- Social community & ERG programs
- Dog friendly office
- Lunches provided in office
- Flexible work environment along with a work-from-home stipend to support remote work arrangements
- Values-based culture
Market competitive salary with an anticipated base compensation range of $175,000 - 220,000. Actual salaries will vary depending on a candidate’s experience, qualifications, skills, and location. BigPanda offers a generous total rewards package that includes base pay, bonus, equity, and a world-class benefits program. We run two (2) compensation review cycles per year to ensure that managers can recognize employees without much lag between achievement and reward. All of this builds toward the best compensation we can give to anyone: the ability to develop your skills each and every day. BigPanda has a significant focus on career development that is at the core of our employee experience.
BigPanda is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
Note: BigPanda is an E-Verify Employer
If you need assistance or an accommodation due to a disability, you may contact us at peoplequestions@bigpanda.io.