Senior Security Engineer

Runwise is looking for a Senior Security Engineer who is passionate about building secure, resilient systems and who thrives in a fast-paced, mission-driven environment. 

Runwise (www.runwise.com) is a fast-paced, customer-focused climate-tech startup that controls and runs the key energy systems (heating, water, etc.) in 6000+ buildings throughout the US. Runwise’s unique hardware and software service significantly reduces energy usage, substantially lowering costs and carbon output. As of today, Runwise’s technology takes the equivalent of 50,000 cars worth of carbon emissions off the road each year. Runwise has offices in New York and Boston but is a remote-first product/engineering company, and has been since its creation. 

We’re seeking a Senior Security Engineer to play a critical role in protecting our platform, infrastructure, and users. You’ll collaborate with software development and infrastructure teams to design and implement systems and practices that safeguard customer data, harden infrastructure, and integrate security throughout the development lifecycle.  

Responsibilities will include, but are not limited to:

• Partner with product and infrastructure teams to embed security into system architecture and software design.
• Design and enforce application and platform security best practices across our services and APIs.
• Build tooling and automation for threat detection, vulnerability scanning, and secure code analysis.
• Manage and improve secrets management, IAM policies, and data protection in AWS and edge deployments.
• Define and track security-related SLAs and risk indicators across services.
• Respond to and manage security incidents, including root cause analysis and post-incident reviews.
• Lead regular security reviews, risk assessments, penetration tests, and red/blue team exercises.
• Stay ahead of emerging threats and continuously improve our defense posture.

Who you are:

• 5+ years of experience in software or infrastructure security roles.
• Proven expertise in securing cloud environments (especially AWS) and distributed systems.
• Strong grasp of modern authentication, encryption, and secure software development practices.
• Proficiency with security tooling such as SAST/DAST scanners, SIEM, IAM analyzers, and container scanning tools.
• Familiarity with infrastructure-as-code tools (e.g., CloudFormation, Ansible).
• Comfortable writing and reviewing code/scripts (Python, Go, and Bash preferred).
• Experience managing security in CI/CD pipelines (GitHub Actions experience a plus).
• Excellent communication skills with a bias toward documentation and cross-functional collaboration.
• A proactive, product-minded approach and passion for sustainability and climate-tech.

Salary: $140,000-$200,000 - varied on experience and market rate.

What you believe: 

• No job is too small.
• Sincerity builds trust.
• Setbacks fuel progress.
• Efficiency is vital.

Benefits:

• Medical, dental, and vision insurance
• HSA & FSA options
• Paid Parental Leave
• Access to Talkspace & Health Advocate
• Flexible PTO
• Commuter Benefits
• 401K
• Company-paid life insurance
• Voluntary supplemental life insurance
• Free in-office lunch on Wednesdays
• Hybrid work environment
• Summer Fridays
• Monthly L&D Series
• Employee Resource Groups (e.g. DEIB Committee, Run Club)

This is an excellent opportunity to join a fast-growing company and create a career path beyond this initial role. You will be surrounded by talented people where you will learn about real estate and software/managed services sales at a very fast growing tech company, whilst having  a tangible impact on reducing carbon emissions across the country