Security Engineer Jobs
Security Engineer jobs are open across financial services, healthcare, technology, defense, and government contracting, from junior analyst-adjacent roles to principal and staff level, with specializations in cloud security, application security, and security operations. Find a role that fits from the openings below and apply directly.
Find Security Engineer JobsOverview
Showing 5 of 3,160+ Security Engineer jobs
About us
Beast Industries is a multifaceted media and entertainment company founded by Jimmy Donaldson, popularly known as MrBeast, the most watched person in the world. Renowned for revolutionizing digital content creation, Beast Industries encompasses a diverse portfolio of ventures that extend far beyond its origins on YouTube. With a mission to entertain, inspire, and create significant social impact, Beast Industries operates across various domains including digital media, philanthropy, consumer products, and innovative business initiatives. At Beast Industries, we believe in the transformative power of digital media and its potential to entertain, educate, and effect positive change. Our commitment to innovation, creativity, and philanthropy drives us to explore new frontiers, create unforgettable experiences, and build a legacy that inspires future generations.
Compliance & Security Engineer
Primary: Bay Area (San Francisco / Peninsula) | Secondary: NYC
The Opportunity
We're doing an AI-first engineering rebuild for a company that already has an audience of 100M+ people. This is a zero-to-one build with no legacy constraints, which means you get to stand up the security and compliance foundation correctly from the start. The stakes here are concrete: Step handles money and serves minors, Feastables carries consumer and supply-chain data, and the media business ships fast and constantly. You're here to make regulated products shippable without slowing them down.
The Mandate
You'll be a single principal-level IC bridging two disciplines that usually live on separate teams: security engineering (threat modeling, vulnerability management, hardening, incident response) and compliance engineering (control design, audit evidence, framework mapping across SOC 2, PCI DSS, COPPA, and privacy law). That means:
- Own the security architecture and the technical compliance posture across Step, Feastables, and the media org.
- Build one control framework, with each control mapped to the regulation it satisfies (PCI DSS, COPPA, GDPR/CCPA, SOC 2).
- Make compliance continuous by automating evidence collection and control monitoring, not a once-a-year scramble.
- Set the security standards other engineers build against across cloud infrastructure, applications, and data systems.
- Lead threat modeling and security reviews for high-risk products, especially Step's payment and account systems and anything touching minors' data.
- Run the vulnerability management program and drive remediation to closure with the teams that own the systems.
- Build and own incident response: detection, playbooks, escalation, post-incident review, and breach-notification readiness.
- Act as technical lead during PCI DSS and SOC 2 audits, and represent Beast with auditors, regulators, and partners.
- Translate regulatory requirements into engineering work teams can act on, and advise leaders on risk tradeoffs in plain terms.
- Define secure-by-default patterns and paved paths so most teams meet requirements without one-off review.
Who You Are
- AI-Native: You're already using AI daily and bringing it into security work where it earns its place, from automation to evidence pipelines.
- Security + Compliance Hybrid: Around 15 years of combined security engineering and compliance experience, with proven ownership of PCI DSS and SOC 2 in production, from control design through a successful audit.
- Applied and Hands-On: Strong cloud security (AWS/GCP), application security, threat modeling, and incident response, with the ability to read and reason about code.
- Trusted on Risk: You say no clearly when risk warrants it and explain the tradeoff in terms the business can act on, you treat minors' data and customer money as the highest bar, and you influence through evidence, not title. Working knowledge of privacy and minor-protection regulation (COPPA, GDPR, CCPA) and how it maps to technical controls. Bonus points for fintech or payments experience (money movement, KYC), security automation and infrastructure-as-code (Terraform, policy-as-code), relevant certifications (CISSP, CCSP, OSCP), and standing up a security or compliance function from an early stage.
Benefits
- Equity: Highly competitive equity package designed for a foundational hire.
- Hybrid Model: Expected: 3 days per week in-office (Bay Area or NYC).
The Perks, Why Work On the MrBeast Team
We are redefining what entertainment and storytelling look like at global scale. Every piece of content we publish reaches millions and influences culture in real time. This is your opportunity to lead the team that decides how those moments come to life across every screen.
- Competitive Salary
- Generous Medical (Blue Cross Blue Shield), Dental, Vision and company-paid Life Insurance
- Company contributions to employee Health Savings Accounts (HSA)
- 401k Plan with Safe Harbor company-matching
- Flexible vacation policy and paid company holidays
- Company-provided technology package
- Relocation assistance where applicable, including travel and company-provided housing for the first 90 days
About us
Beast Industries is a multifaceted media and entertainment company founded by Jimmy Donaldson, popularly known as MrBeast, the most watched person in the world. Renowned for revolutionizing digital content creation, Beast Industries encompasses a diverse portfolio of ventures that extend far beyond its origins on YouTube. With a mission to entertain, inspire, and create significant social impact, Beast Industries operates across various domains including digital media, philanthropy, consumer products, and innovative business initiatives. At Beast Industries, we believe in the transformative power of digital media and its potential to entertain, educate, and effect positive change. Our commitment to innovation, creativity, and philanthropy drives us to explore new frontiers, create unforgettable experiences, and build a legacy that inspires future generations.
Compliance & Security Engineer
Primary: Bay Area (San Francisco / Peninsula) | Secondary: NYC
The Opportunity
We're doing an AI-first engineering rebuild for a company that already has an audience of 100M+ people. This is a zero-to-one build with no legacy constraints, which means you get to stand up the security and compliance foundation correctly from the start. The stakes here are concrete: Step handles money and serves minors, Feastables carries consumer and supply-chain data, and the media business ships fast and constantly. You're here to make regulated products shippable without slowing them down.
The Mandate
You'll be a single principal-level IC bridging two disciplines that usually live on separate teams: security engineering (threat modeling, vulnerability management, hardening, incident response) and compliance engineering (control design, audit evidence, framework mapping across SOC 2, PCI DSS, COPPA, and privacy law). That means:
- Own the security architecture and the technical compliance posture across Step, Feastables, and the media org.
- Build one control framework, with each control mapped to the regulation it satisfies (PCI DSS, COPPA, GDPR/CCPA, SOC 2).
- Make compliance continuous by automating evidence collection and control monitoring, not a once-a-year scramble.
- Set the security standards other engineers build against across cloud infrastructure, applications, and data systems.
- Lead threat modeling and security reviews for high-risk products, especially Step's payment and account systems and anything touching minors' data.
- Run the vulnerability management program and drive remediation to closure with the teams that own the systems.
- Build and own incident response: detection, playbooks, escalation, post-incident review, and breach-notification readiness.
- Act as technical lead during PCI DSS and SOC 2 audits, and represent Beast with auditors, regulators, and partners.
- Translate regulatory requirements into engineering work teams can act on, and advise leaders on risk tradeoffs in plain terms.
- Define secure-by-default patterns and paved paths so most teams meet requirements without one-off review.
Who You Are
- AI-Native: You're already using AI daily and bringing it into security work where it earns its place, from automation to evidence pipelines.
- Security + Compliance Hybrid: Around 15 years of combined security engineering and compliance experience, with proven ownership of PCI DSS and SOC 2 in production, from control design through a successful audit.
- Applied and Hands-On: Strong cloud security (AWS/GCP), application security, threat modeling, and incident response, with the ability to read and reason about code.
- Trusted on Risk: You say no clearly when risk warrants it and explain the tradeoff in terms the business can act on, you treat minors' data and customer money as the highest bar, and you influence through evidence, not title. Working knowledge of privacy and minor-protection regulation (COPPA, GDPR, CCPA) and how it maps to technical controls. Bonus points for fintech or payments experience (money movement, KYC), security automation and infrastructure-as-code (Terraform, policy-as-code), relevant certifications (CISSP, CCSP, OSCP), and standing up a security or compliance function from an early stage.
Benefits
- Equity: Highly competitive equity package designed for a foundational hire.
- Hybrid Model: Expected: 3 days per week in-office (Bay Area or NYC).
The Perks, Why Work On the MrBeast Team
We are redefining what entertainment and storytelling look like at global scale. Every piece of content we publish reaches millions and influences culture in real time. This is your opportunity to lead the team that decides how those moments come to life across every screen.
- Competitive Salary
- Generous Medical (Blue Cross Blue Shield), Dental, Vision and company-paid Life Insurance
- Company contributions to employee Health Savings Accounts (HSA)
- 401k Plan with Safe Harbor company-matching
- Flexible vacation policy and paid company holidays
- Company-provided technology package
- Relocation assistance where applicable, including travel and company-provided housing for the first 90 days
See All 3,160+ Security Engineer Jobs
Jump back to the full list of openings and apply to any security engineer role that fits.
Find Security Engineer JobsSecurity Engineer Job Market
A snapshot from current openings nationwide, updated as new roles post.
Who's Hiring
- CVS Health107
- Apple80
- Amazon61
- Google44
- Ryder System44
Top Industries Hiring
- Technology & Software1,128
- Consulting & Professional Services281
- Banking & Financial Services247
- Healthcare & Medical Services194
- Electronics & Hardware183
What Employers Look For
The qualifications that appear most often in security engineer jobs.
- Three or more years of experience in information security or a related engineering role
- Proficiency with SIEM platforms such as Splunk, Microsoft Sentinel, or CrowdStrike
- Hands-on experience securing cloud environments in AWS, Azure, or Google Cloud
- Familiarity with security frameworks including NIST, ISO 27001, or CIS Controls
- Bachelor's degree in computer science, information security, or a related field
- Industry certification such as CISSP, CEH, Security+, or OSCP
Tips for Your Security Engineer Job Search
Tailor your resume to each subdomain
Security engineering splits into distinct lanes: appsec, cloudsec, detection engineering, GRC, and more. Recruiters scan fast, so lead with the subdomain you're targeting and front-load the tools and frameworks that match the job description, not a generic summary.
Earn certifications that match the role
CISSP opens doors at the senior level, while OSCP signals hands-on offensive capability. For cloud-focused roles, AWS or Azure security certifications carry weight. Match your cert prep to the specific opening, not just the broadest credential you can collect.
Apply early to roles that fit
Migrate Mate lists security engineer openings from across the United States in one place, so you can find roles that match your subdomain and experience level and apply directly to each listing.
Build a portfolio with documented findings
Hiring managers in security want evidence of real work. A write-up of a CTF challenge, a bug bounty disclosure, or a lab environment you built and attacked demonstrates practical skill in a way a resume bullet never can. Link it in your application.
Prepare for the technical interview format
Security engineer interviews typically combine a whiteboard threat-modeling exercise, a code review or script-writing task, and scenario questions about incident response. Practice narrating your reasoning out loud while working through problems, not just arriving at the right answer.
Negotiate using total compensation, not base alone
Security roles at larger organizations often include equity, on-call differentials, and professional development budgets for certifications. Get the full offer in writing before comparing it to another, and ask specifically about the training and cert reimbursement policy.
Security Engineer Jobs: Frequently Asked Questions
Which companies are hiring the most security engineers?
The companies hiring the most security engineers right now include CVS Health, Apple, and Amazon, with the largest share of openings in California, Texas, and New York, based on current listings on Migrate Mate as of June 2026. Demand is highest at organizations with large cloud infrastructure, financial data, or government contracts.
How many security engineer jobs are remote?
About 33% of security engineer openings are fully remote or hybrid as of June 2026, making it one of the more flexible technical disciplines. Detection engineering, cloud security, and GRC roles tend to be the most remote-friendly, while roles requiring hands-on lab access or classified clearance work are typically on-site.
How do you become a security engineer?
Start with a foundation in networking, operating systems, and scripting, then move into security-specific skills like vulnerability assessment, threat modeling, and log analysis. Earn an entry-level certification such as CompTIA Security+ to validate fundamentals. Build practical experience through CTF competitions, home labs, or bug bounty programs, then apply to junior security or SOC analyst roles that lead into engineering positions.
Can you get hired as a security engineer with little experience?
Yes, many employers hire security engineers at the junior level from adjacent roles such as systems administration, network engineering, or SOC analysis. Documented hands-on projects, a relevant certification, and demonstrated ability to read and write code carry more weight than years of experience alone. Targeting smaller organizations or managed security service providers often provides a faster path in than enterprise hiring pipelines.
What does the security engineer interview process look like?
Most security engineer interviews run three to five rounds. An initial recruiter screen is followed by a technical phone interview covering fundamentals, then one or more live technical rounds that include threat modeling, code review, or a take-home lab exercise. Senior roles typically add a systems design or architecture round. Final interviews often involve a hiring manager conversation focused on judgment, past incidents, and cross-team communication.
Where can I find and apply to security engineer jobs?
You can find and apply to security engineer jobs on Migrate Mate, which lists current openings from employers across the United States. Search by role, location, or specialization to find positions that match your background, then apply directly to each listing from the page.
See All 3,160+ Security Engineer Jobs
Jump back to the full list of openings and apply to any security engineer role that fits.
Find Security Engineer Jobs