Senior Security Engineer

Job Description

About Magpie

At Magpie, we envision a world where every child, no matter their background, becomes a confident reader. Our nonprofit team combines research-backed instruction, joyful game design, and innovative technology to tackle America’s reading crisis head-on — with the goal of eradicating illiteracy through a digital-first, student-centered approach.

Role Summary

We’re seeking an experienced Senior Security Engineer to join our small, mission-driven Platform team. You’ll wear many hats, work across boundaries, and help us build a platform that scales impact—not just traffic.

We’re seeking a pragmatic, mission-driven Senior Security Engineer to join our Engineering team. In this role, you’ll design and harden AWS-based infrastructure and services to ensure Magpie’s learning platform remains resilient, trustworthy, and compliant as we scale. You’ll work cross-functionally to embed secure-by-design principles into the systems that power joyful reading experiences for students and the tools that enable educators to measure progress with confidence.

You’re drawn to missions that matter. You think deeply about the systems behind learning, not just the code. You balance pragmatism with curiosity and build for the long term. The ideal candidate pairs strong technical execution with deep empathy for users, thrives in a collaborative startup environment, and is motivated by the opportunity to make reading joyful and accessible for all.

What You’ll Do:

• Design and build platform capabilities that deliver reliable, high-value features with safety, precision, and user focus.
• Collaborate closely with product managers, designers, and fellow engineers to create new features and improve existing ones.
• Approach the platform as a product: maintain a clear understanding of customer needs, identify friction points, and take ownership of outcomes with metrics-driven decision making (KPIs, OKRs, and North Star metrics).
• Use data to inform decisions, measure impact, and drive improvements through empirical evidence.
• Take ownership across all phases of development, from design to production, and monitor system performance in live environments.
• Continuously improve the flow of work from idea to production, using data to identify and remove friction.
• Write clean, efficient, and well-documented code following best practices.
• Build and maintain APIs, and integrate with third-party services.
• Ensure application performance, quality, and responsiveness across platforms.
• Participate in code reviews, testing, and debugging to maintain high-quality deliverables.
• Mentor other engineers and contribute to their growth.
• Contribute to architectural decisions and help define technical standards and best practices.
• Stay up to date with emerging technologies and suggest improvements to enhance development processes.

Requirements

A strong candidate will possess:

✅ 5+ years of experience in cloud security engineering, with deep expertise in cloud computing

✅ Hands-on experience with AWS security services (such as IAM, KMS, GuardDuty, Config, Security Hub) and infrastructure-as-code frameworks like Terraform or CloudFormation.

✅ Strong programming skills in languages such as Python, Go, or JavaScript, with the ability to build security automation, integrate APIs, and contribute to secure application and infrastructure tooling.

✅ Demonstrated capability to build or enhance security observability, including logging pipelines, SIEM integrations, and anomaly detection.

✅ Familiarity with modern application security practices, including container security, supply chain security, and CI/CD pipeline hardening.

✅ Ability to drive incident response processes, conduct root-cause analyses, and implement long-term corrective actions.

Tech Stack:

• Infrastructure / Backend: AWS, Terraform, SQL/NoSQL, Kubernetes, Docker
• Programming Languages: TypeScript, Python
• Security Tools: SIEM, SAST/DAST, Container scanning tools, Supply Chain
• Other Tools: Datadog, GitHub, Miro, SonarCube, Notion, Slack, Jira

Within your first 30 days, you will:

• Demonstrates a clear understanding of Magpie’s mission, OKRs, and learner-focused product strategy by mapping how platform security contributes to trust, reliability, and equitable access for students and educators.
• Develops a comprehensive understanding of Magpie’s technical landscape by reviewing AWS architecture diagrams, data flows, service boundaries, IAM patterns, and CI/CD pipelines, and documents key insights to inform future security work.
• Builds effective cross-functional relationships with Platform Engineering, Product Engineering, Data, and Compliance stakeholders, and establishes clear channels for collaboration on security-related decisions.
• Learns Magpie’s security tooling ecosystem—CloudTrail, GuardDuty, KMS, Terraform patterns, monitoring stack—and demonstrates foundational proficiency through guided walkthroughs and hands-on exploration.
• Engages in shadowing and pairing sessions with engineers to observe operational processes (deployments, incident handling, code reviews) and identifies architectural or procedural areas where security can strengthen long-term reliability.

By day 60, you’re:

• Supports ongoing vulnerability management and incident-readiness processes, demonstrating the ability to participate effectively in triage, analysis, and communication.
• Strengthens functional relationships by consistently engaging with partners across engineering, demonstrating responsiveness, clarity, and a collaborative approach to solving security and reliability challenges.
• Delivers concise security findings summary synthesizing observations from the first 30–60 days, highlighting gaps, dependencies, and areas where small changes can meaningfully improve reliability and data protection.
• Completes one low-risk, well-scoped security task—such as refining a small IAM permission, improving documentation, or enhancing a monitoring alert—to demonstrate early ownership while prioritizing learning and context gathering.

By day 90, you will:

• Leads a lightweight threat assessment or design review for a key system or service, demonstrating the ability to influence architectural decisions and articulate clear, risk-informed recommendations.
• Assumes clear ownership of one or more core security domains (such as IAM architecture, secrets management, logging and detection, or CI/CD security), contributing reliable guidance and steadily improving these systems.
• Demonstrates increasing strategic impact by communicating clearly with stakeholders, balancing security with product velocity, and serving as a trusted partner in shaping a secure, scalable learning platform.
• Enhances infrastructure observability by tuning or extending logging, metrics, or alerting to provide clearer security signals that support faster investigation and higher platform reliability.

What Success Looks Like

• Strengthens Magpie’s cloud security posture, demonstrated by measurable reductions in high-risk misconfigurations, improved IAM permission hygiene, and consistent adherence to secure-by-default patterns across services and infrastructure.
• Enables secure scaling of the platform by influencing architectural decisions and ensuring new features, data flows, or infrastructure components launch with strong security foundations that protect learners, educators, and organizational data.
• Improves detection and response effectiveness by delivering reliable, actionable security signals (e.g., tuned alerts, expanded logging coverage), resulting in faster triage times and fewer false positives that disrupt engineering workflows.

Benefits

Benefits

What You'll Receive:

• Salary range of $148,000 - $163,000 per annum
• Competitive medical, dental, vision benefits
• Opportunity to work remotely for a mission-driven company full of change-makers
• Enjoy the freedom of flexible time off to balance work and personal life, ensuring you stay refreshed and productive.
• 401k with 4% guaranteed match
• Work environment that values balance and harmony with a deep commitment to diversity, equity and inclusion
• Opportunity to travel and meet your team members in-person 2x per year

Join Us

At Magpie, your work will directly unlock the great reader in every child. If you’re ready to lead with purpose, build with urgency, and partner with a mission-driven team to solve one of America’s biggest educational challenges — we want to hear from you.