Contentful logo

Senior Security Engineer

Apply now
Company name
Contentful
(website)
Annual base salary
$174,000 — $212,000
Location

On-site from

Posted on SalaryPine

About the Opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Senior Security Engineer to lead and shape security initiatives across both Contentful’s cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while applying deep expertise in cloud technologies and security tooling, collaborating closely with cross functional teams to embed security across the business.

You will own and drive continuous improvement of key components of our security program, including threat modeling, risk assessments, architectural design collaboration, and rapid detection and response of incidents.This hands-on role offers deep technical skills development, along with the ability to influence strategic direction of the company’s architecture and security posture.

What to expect

  • Lead initiatives, drive cross-functional prioritization, and partner on execution to advance security efforts across the organization.
  • Proactively identify, prioritization, and lead complex security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to drive measurable risk reduction.
  • Support vulnerability management efforts while advancing the program by identifying systemic gaps, expanding coverage, automating workflows, and partnering with cross functional teams to prioritize and drive scalable remediation.
  • Identify deficiencies, architect, and build scalable security solutions to improve coverage, efficiency, and resilience across security disciplines.
  • Develop and maintain scalable hardening standards and monitoring mechanism, leading adoption and long term integration across the organization.
  • Lead and contribute to incident investigations by executing established processes, conducting independent analysis, and coordinating effective response and remediation efforts
  • Design and maintain robust detection and response capabilities for cloud and container environments.
  • Stay current on emerging threats, vulnerabilities, and attacker tactics, translating insights into actionable strategies.
  • Mentor and guide others, fostering a culture of security awareness and best practices.
  • Support security compliance maintenance through control ownership, automated maintenance, and enable technical teams by translating requirements into practical, actionable solutions.
  • Communicate complex and technical concepts clearly to leadership and stakeholders.

What you need to be successful

  • 8+ years of security engineering, DevSecops, or equivalent experience
  • Expertise with AWS, GCP, and Cloudflare architecture, services, and security features
  • Design, implement, and maintain secure CI/CD pipelines by integrating automated security controls such as SAST, DAST, dependency vulnerability scanning, and secrets management.
  • Proven experience designing and implementing security architecture aligned with business and technical strategies across cloud and application environments.
  • Mastery in Python to build and maintain security tools.
  • Exposure to Javascript and Go with the ability to perform security code reviews.
  • Deep knowledge securing Kubernetes clusters and containers, including configuration and runtime protection.
  • Hands-on experience using Terraform and other infrastructure-as-code tools to maintain integrity in cloud environments.
  • Demonstrated success driving vulnerability management, threat modeling, and incident response at scale.
  • Proficiency with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM) to secure identity and access management.
  • Strong foundational networking expertise including cloud networking architectures, OSI model, TCP/IP protocols, routing, and firewall concepts
  • Deep expertise in OWASP Top 10 and other application security frameworks, with proven success driving secure development practices and assessments.
  • Working knowledge of applying compliance frameworks controls including SOC 2 and ISO 27001.
  • Excellent problem-solving skills and ability to influence security strategy across teams.
  • Clear and effective communication skills.
  • Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
  • Practical experience integrating multiple systems through APIs and parsing, normalizing, and integrating complex datasets between integrated systems.

What's in it for you?

  • Join an ambitious tech company reshaping the way people build digital experiences
  • Full-time employees receive Stock Options for the opportunity to share in the success of our company
  • Comprehensive healthcare package covering 100% of monthly health premiums for employees and 85% of costs for your dependents.
  • Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
  • We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss, education days, and volunteer days
  • Company paid parental leave to care for and focus on your growing family
  • Use your personal annual education budget to improve your skills and grow in your career
  • Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties
  • An annual wellbeing stipend to care for your physical, financial, or emotional health
  • A monthly communication stipend and phone hardware upgrade reimbursement.
  • New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business.

The application deadline is 9/11/25

Colorado Salary Statement: The salary range displayed is specifically for those potential hires who will work or reside in the state of Colorado if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD/technology), for example.

Colorado Salary Range: $174,000 - $212,000
[This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.]

#LI-JE1 #LI-Hybrid

Who are we?

Contentful is a leading digital experience platform that helps modern businesses meet the growing demand for engaging, personalized content at scale. By blending composability with native AI capabilities, Contentful enables dynamic personalization, automated content delivery, and real-time experimentation, powering next-generation digital experiences across brands, regions, and channels for more than 4,200 organizations worldwide. More than 700 people from more than 70 nations contribute their energy and creativity to Contentful, working from hubs in Berlin, Denver, San Francisco, London, New York, and distributed worldwide.

Everyone is welcome here!

“Everyone is welcome here” is a celebrated component of our culture. At Contentful, we strive to create an inclusive environment that empowers our employees. We believe that our products and services benefit from our diverse backgrounds and experiences, and we are proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, national origin, religion, sexual orientation, gender, gender identity, age, physical [dis]ability, or length of time spent unemployed. We invite you to apply and join us!

If you need reasonable accommodations at any point during the application or interview process, please let your recruiting coordinator know.

Please be aware of scammers who may fraudulently allege to be from Contentful. These types of fraud can be carried out through copycat websites, fake email addresses claiming to be from our company, or social media. We do not ask for your personal information, such as bank account numbers, identification numbers, etc, through social media or chat-based apps, nor do we request or send money for the purchase of business equipment. If you suspect fraud, please report it to your local authorities, as well as reach out to us at security-esk@contentful.com with any information you may have.

By clicking “Apply for this job,” I acknowledge that I have read the “Contentful’s Candidate Privacy Notice” and hereby consent to the collection, processing, use, and storage of my personal information as described therein.

SalaryPine's logo

SalaryPine

Sam Hosseini's photo

Built by Sam Hosseini

© 2025 Borna Oy. 05:23:38
SalaryPine™ aggregates job postings for informational purposes under fair use. All trademarks, logos, and brand names mentioned in the job postings are the property of their respective owners and do not imply endorsement or affiliation.