Security Engineer

The right candidate will have experience building trusted relationships with technical teams and cross-functional stakeholders, as well as deploying, tuning, and reviewing output from a variety of security tools such as vulnerability scanners, infrastructure and cloud security tools, endpoint detection systems, and configuration assessment platforms. They will have experience conducting threat modeling, risk assessments, and security reviews across systems, networks, and cloud environments. They must understand their role in identifying and mitigating risks to ensure the confidentiality, integrity, and availability of customer and company data. A strong sense of urgency and passion for implementing and promoting sound security practices across the technology stack is essential.

• This position will be hybrid (1-2 days in the Lehi, UT Weave HQ)

• Reports to: Jessica Sica

What You Will Own

• Collaborating across engineering, product, DevOps, and IT to identify and mitigate security risks throughout the system development and operational lifecycles

• Conducting comprehensive vulnerability assessments across infrastructure, platforms, networks, and applications

• Deploying, tuning, and reviewing the output of security tools, including but not limited to static analysis, dynamic scanning, infrastructure scanning, and dependency monitoring

• Managing external security assessments and penetration tests; coordinating remediation efforts

• Monitoring for emerging threats and proactively identifying security gaps within Weave’s environment

• Defining and tracking measurable outcomes related to Weave’s security roadmap

• Enhancing visibility into risks and security posture through automation and reporting
  

What You Will Need to Accomplish the Job

• 5+ years of experience in information security, security engineering, or a related role

• Strong technical understanding of security principles and protocols and the ability to apply them across varied environments (cloud, on-premise, hybrid)

• Experience conducting risk assessments, penetration tests, and vulnerability scans

• Proficient in security configuration and hardening of systems, databases, networks, and SaaS platforms

• Knowledge and experience with AWS and/or GCP security services and best practices

• Familiarity with SIEMs, EDR, IAM, encryption, firewalls, and network monitoring tools

• Strong communication skills for both technical and non-technical stakeholders

• A passion for secure design, operational excellence, and continuous learning

• High ethical standards and demonstrated integrity in previous roles

• Proven experience developing, operating and maintaining security systems

• Extensive knowledge of operating system and database security

• Critical thinking skills and ability to solve complex problems

• Sourcing and implementing new security solutions to better protect the organisation

• Conducting proactive research to analyse security weaknesses and recommend appropriate strategies

What Will Make Us Love You

• Experience securing SaaS products in a fast-paced, high-growth environment

• Scripting or coding skills (e.g., Python, Bash, Go)

• Demonstrated success leading cross-functional security initiatives

• Track record of reducing risk in complex environments

• Ability to balance security rigor with business agility

• A sense of humor and a collaborative, team-first mindset

• Security certifications such as CISSP, CEH, etc.

Weave is an equal opportunity employer that is committed to fostering an inclusive workplace where all individuals are valued and supported. We welcome anyone who is hungry to learn, problem-solve and progress regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or other applicable legally protected characteristics. If you have a disability or special need that requires accommodation, please let us know.

All official correspondence will occur through Weave branded email. We will never ask you to share bank account information, cash a check from us, or purchase software or equipment as part of your interview or hiring process.