Job Description
π Distinguished Tech Innovator:
3Pillar warmly extends an invitation for you to join an elite team of visionaries. Beyond software development, we are dedicated to engineering solutions that challenge conventional norms. Envision you: steering projects that redefine urban living, establish new media channels for enterprise companies, or drive innovation in healthcare. Your invaluable expertise will serve as the cornerstone in shaping the future direction of our endeavors.
This role transcends the ordinary realms of coding; it’s about orchestrating technological marvels that disrupt industries. Seize this extraordinary opportunity to lead a team that is actively shaping the tech landscape for our clients, and sets global standards along the way. ππ₯
Key Responsibilities
- Vulnerability & Product Security:
- Own the end-to-end vulnerability management program across our SaaS products, cloud infrastructure, containers, and endpoints including identification, triage, prioritization, remediation tracking, and reporting.
- Operate and tune SAST, SCA, and dependency-scanning tooling (e.g., Snyk, GitHub Advanced Security/Dependabot) and partner with engineering teams to drive timely remediation.
- Monitor runtime and infrastructure telemetry (e.g., Datadog) for security signals; investigate alerts and lead containment and follow-up actions.
- Track and report on vulnerability SLAs, mean-time-to-remediate, and other security KPIs to leadership.
- Cloud & Endpoint Security:
- Enhance the security posture of our Microsoft Azure environment including identity, networking, data, and workloads through configuration hardening, policy enforcement, and continuous monitoring.
- Administer and improve Microsoft Intune for endpoint configuration, compliance, and mobile device management.
- Tune and maintain Microsoft Defender (Endpoint, Cloud, and related products) for threat detection, response, and reporting.
- Implement and operate Microsoft Purview controls for data classification, DLP, and information protection.
- Governance, Risk & Compliance:
- Draft, update, and maintain corporate information security policies, standards, and procedures aligned to recognized frameworks (e.g., SOC 2, ISO 27001, NIST CSF).
- Lead the response to customer and prospect security questionnaires, RFPs, and due-diligence requests, and maintain a reusable response library.
- Support vendor risk assessments and third-party security reviews.
- Assist with internal and external audits, evidence collection, and remediation of findings.
- Security Program & Collaboration:
- Partner with Engineering on secure SDLC practices, threat modeling, and code review guidance.
- Contribute to security awareness training, phishing simulations, and a strong security culture across the company.
- Help mature incident response playbooks and participate in tabletop exercises and on-call rotations as needed.
Minimum Qualifications:
- 4β6 years of professional experience in information security, application security, cloud security, or a closely related role.
- Hands-on experience securing SaaS applications and workloads running in Microsoft Azure.
- Demonstrated experience with vulnerability management tooling and process including triage, prioritization (e.g., CVSS, EPSS, exploitability context), and driving remediation through engineering teams.
- Working proficiency with several of the following: Microsoft Intune, Microsoft Defender (Endpoint/Cloud), Microsoft Purview, Datadog, GitHub (Advanced Security, Dependabot, code scanning), and Snyk.
- Solid understanding of identity and access management concepts, particularly Microsoft Entra ID (Azure AD), conditional access, and least-privilege design.
- Experience writing or substantially contributing to security policies, standards, or procedures.
- Experience responding to customer security questionnaires and supporting compliance efforts (SOC 2, ISO 27001, or similar).
- Strong written and verbal communication skills and able to translate technical risk for both engineers and non-technical stakeholders.
Additional Experience Desired:
- Industry certifications such as CISSP, CCSP, AZ-500, SC-200, SC-100, GCIH, GSEC, or equivalent.
- Scripting/automation experience (PowerShell, Python, Bash) and familiarity with infrastructure-as-code (Terraform, Bicep, ARM).
- Experience with container and Kubernetes security.
- Exposure to threat modeling, secure code review, or penetration testing.
- Prior experience in a SaaS company or regulated industry.
3Pillar is an AI transformation partner on a mission to help enterprises build the AI-native products and intelligent agents that will define the next era of business. With teams across North America, Europe, Latin America, and Asia, we work with the most ambitious companies in financial services, healthcare, media, and technology β helping them move faster, modernize boldly, and compete on their own terms. Our HelixAI platform and Helix Pods delivery model put our engineers at the center of real agentic transformation β doing work that is open, portable, and built to last. We are building the future of enterprise AI.
What is it like working for 3Pillar Global?
At 3Pillar, we offer a world of opportunity:
Imagine a flexible work environmentβ whether it’s the office, your home, or a blend of both. From interviews to onboarding, we embody a remote-first approach.
You will be part of a global team, learning from top talent around the world and across cultures, speaking English everyday. Our global workforce enables our team to leverage global resources to accomplish our work in efficient and effective teams.
Weβre big on your well-being β as a company, we spend a whole trimester in our annual cycle focused on wellbeing. Whether it is taking advantage of fitness offerings, mental health plans (country-dependent), or simply leveraging generous time off, we want all of our team members operating at their best.
Our professional services model enables us to accelerate career growth and development opportunities - across projects, offerings, and industries.
We are an equal opportunity employer. It goes without saying that we live by values like Intrinsic Dignity and Open Collaboration to create cutting-edge technology AND reinforce our commitment to diversity - globally and locally.
Join us and be a part of a global tech community! ππΌ Β Check out our Linkedin site and Careers page to learn more about what itβs like to be part of our #oneteam!
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
