Senior Security Engineer

About the Department

The Security Department’s mission is to protect Bridgewater. We constantly evolve our cyber, physical, and staff security practices to meet business needs and stay ahead of the changing threat landscape.

About the Role

Our Engineering organization is seeking a Senior Security Engineer who thrives at the intersection of security, software engineering, and automation. This role focuses on building secure-by-default platforms that enable fast, reliable, and safe software delivery at scale.

You will play a key role in securing CI/CD pipelines, cloud infrastructure, and developer workflows, while partnering closely with DevOps, platform, and application teams to embed security controls directly into code and tooling. This is a highly collaborative, high-impact role where strong technical execution, sound judgment, and the ability to influence within and across teams are critical.

As a Senior Security Engineer, you will contribute to security architecture, help implement best practices, and drive improvements across infrastructure and application security. You’ll work closely with peers and stakeholders to solve complex problems, support secure design decisions, and help advance Bridgewater’s security-first engineering culture.

What You’ll Do

• Partner with application, platform, infrastructure, and cloud teams to ensure secure, scalable delivery of technology solutions
• Design and implement security solutions that are reusable, automated, and adoptable across teams
• Participate in infrastructure, IaC, application, CI/CD, and cloud security reviews
• Embed security controls directly into developer workflows, pipelines, and platforms
• Communicate technical decisions and risk tradeoffs clearly to engineering teams and stakeholders
• Contribute to the design and implementation of security initiatives and improvements
• Advocate for pragmatic security controls that balance risk reduction with developer velocity and business value
• Apply strong technical judgment to solve problems in distributed, cloud-based systems

Core Requirements

• You are a passionate engineer, and:
• Technology has always been part of how you think and learn—whether through personal projects, open-source contributions, or continuous experimentation
• You actively stay current on emerging technologies, modern attack techniques, and evolving security controls
• You take ownership of your work and follow through from design to implementation
• You value direct feedback, intellectual rigor, and collaborative problem-solving
• You believe strong security outcomes come from effective teamwork and shared accountability
• Bachelor’s or Master’s degree in Computer Science or a related field, or equivalent practical experience
• 5+ years of experience in security engineering, security architecture, or platform/infrastructure security
• 2+ years of hands-on experience with one or more of the following programming languages: Python, Go, Java, or similar
• Strong experience with modern software development workflows and tools (Git, GitHub/GitLab, CI/CD systems)
• Experience implementing security controls using Infrastructure as Code tools such as Terraform, Ansible, or similar
• Experience securing cloud environments in AWS and/or Azure
• Familiarity with cloud security posture management (CSPM) and runtime security tools (e.g., Wiz or equivalents)
• Solid fundamentals in networking and distributed systems
• Experience working across Linux and Windows environments
• Experience with Kubernetes (EKS and/or AKS)
• Experience using AI-assisted development tools (e.g., Cursor, Claude Code, GitHub Copilot) to:
• Accelerate secure coding and refactoring
• Improve code review quality and consistency
• Prototype security tooling and automation

Preferred Experience

• Hands-on experience with cloud-native and containerized platforms, including Kubernetes, Docker, and serverless technologies
• Experience securing Kubernetes, code repositories, and CI/CD pipelines
• Familiarity with tools such as Kyverno, Gatekeeper, Trivy, TruffleHog, Wiz, or similar
• Experience with Zero Trust architectures and related tooling
• Background in network and application security controls (firewalls, WAFs, proxies, DLP, IDS/IPS)
• Experience participating in threat modeling and secure design reviews
• Exposure to data platforms and securing data pipelines
• Relevant security certifications such as CISSP, CCSP, CKS, GIAC, AZ-500, or AWS Security