Senior Security Engineer

About Onit: 

We're redefining the future of legal operations through the power of AI. Our cutting-edge platform streamlines enterprise legal management, matter management, spend management and contract lifecycle processes, transforming manual workflows into intelligent, automated solutions.

We’re a team of innovators using AI at the core to help legal departments become faster, smarter, and more strategic. As we continue to grow and expand the capabilities of our new AI-centric platform, we’re looking for bold thinkers and builders who are excited to shape the next chapter of legal tech.

If you're energized by meaningful work, love solving complex problems, and want to help modernize how legal teams operate, we’d love to meet you.

Onit, Inc. is seeking a seasoned security professional to strengthen the security of our enterprise SaaS applications and corporate infrastructure. In this role, you’ll lead cloud security initiatives, drive incident response, and collaborate across teams to ensure a robust security posture. If you’re passionate about solving complex security challenges and influencing best practices, we’d love to hear from you.

• Support the Onit security function during US Central Time business hours.
• Implement and manage cloud-native security tools and third-party solutions for threat detection and incident response.
• Define, maintain, and execute the Incident Response plan, investigating and resolving incident escalations.
• Perform regular risk assessments and vulnerability scans of cloud infrastructure, ensuring timely remediation.
• Collaborate with Dev, DevOps, and Infra teams to remediate identified vulnerabilities, discuss security best practices, and assist with security incident response.
• Analyze EDR alerts and logs to identify potential security incidents, taking appropriate action.
• Continuously evaluate and implement security tools and practices to enhance the security posture of the Onit environment.
• Assist with application security reviews and threat modeling.
• Assist with security awareness programs for employees regarding security best practices

• Minimum of 5 years of experience in information security, with at least 3 years focused on cloud security for enterprise SaaS applications.

• Proficient in AWS with a strong understanding of AWS networking/VPC, IAM, Security Groups, EC2, RDS, S3, and containers (EKS/ECS).
• Extensive hands-on experience investigating security incidents, along with the creation, management, and execution of security runbooks / playbooks.
• This includes the ability to search logs in CloudTrail, CloudWatch, VPC Flow logs, etc.
• Experience with tooling for network (e.g. Wireshark) and host forensics
• Knowledge of various AWS Native Security tools, security frameworks, and CSPM tools.
• Experience in security tools such as vulnerability scanners, IDS/IPS, SIEM, firewalls, and endpoint security monitoring.
• Experience with threat detection and threat intelligence.
• Must be proficient in Linux.
• Application security experience with an understanding of SAST, DAST, SBOMs, and other scans and artifacts to help improve application security posture
• Experience with AWS Guard Duty and CrowdStrike or equivalent.
• Strong communication, problem-solving, and collaboration skills.

• Experience with Cloudflare and/or AWS WAF configurations.
• Automation experience with one or more of the following: AWS CLI, Bash, Python, Ansible to verify security configurations and automate runbooks is a plus.
• Experience with Microsoft Entra and Mimecast.
• Familiarity with security frameworks such as NIST CSF 2.0.
• Experience with container security (beyond EKS/ECS, e.g., image scanning tools like Trivy).
• Familiarity with CI/CD pipeline security.
• Knowledge of Zero Trust architecture.
• Certifications such as CCSP, AWS Security, OSCP, or equivalent are a plus.

At Onit, we’re committed to offering fair and competitive compensation. In addition to base pay, associates are eligible for an annual discretionary bonus. The final base salary you receive will reflect factors such as your skills, education, experience, and work location.

Benefits & Perks That Support You:

Onit offers a comprehensive total rewards package designed to support the whole employee at work and beyond:

Health Coverage Choices: Three medical plan options, plus dental and vision, so you can choose what fits best.  Employees on our HDHP plan also receive employer contribution to the HSA.

Retirement Savings: 401(k) with a 100% match on the first 3% and 50% on the next 2% of employee contributions.

Time Away: Flexible paid time off, 7 sick days, and 9 paid company holidays annually.

Family Support: Exceptional paid leave for birth parents, non-birth parents, and caregivers.  Onit also offers surrogacy and adoption reimbursement.

Income Protection: 100% employer-paid life and disability insurance.

Additional Coverage Options: Voluntary benefits including hospital indemnity, critical illness, accident, and even pet insurance.

Tax-Advantaged Accounts: Healthcare FSA, HSA, and dependent care FSA.

Community Engagement: One paid volunteer day each year to give back to the community.

Our Commitment to Applicants

We know that not everyone will check every box in a job description. At Onit, we value diversity, inclusion, and authenticity. If you’re excited about this role but your experience doesn’t align perfectly with every qualification, we encourage you to apply. You may be exactly who we’re looking for.

This position will remain open for applications for 7 calendar days from the posting date.