Security Automation Engineer

Job Description

Position:              Security Automation Engineer

Department:       Security

Reports to:           Cyber Security Architect

Location: Full-time, work from home

Compensation: $70,000-$85,000 USD

Open through:   February 18, 2026

Tessitura is a non-profit company dedicated to helping arts and cultural organizations thrive.

CRM lies at the heart of our mission and our technology platform. With Tessitura in their toolkit, organizations can achieve their goals with ease.

The Tessitura community includes over 800 cultural institutions in ten countries. Our staff provide ²⁴⁄₇ support and offer guidance to grow revenue and build lifelong engagement.

Job Summary:

The Security Automation Engineer works ensures that effective security practices are integrated throughout the software development lifecycle and across Tessitura’s cloud services. As part of the security architecture and operations and team, this role focuses on implementing secure CI/CD pipelines and developing security automation.

The Security Automation Engineer builds and maintains Security-as-a-Service capabilities for consumption by other teams at Tessitura. A key aspect of this position is creating secure “paved roads” that enable developers to move quickly while adhering to established security standards and reference architectures. The engineer embeds within project teams and partners closely with the Infrastructure Engineering team.

This position requires a solid and continuously reinforcing understanding of software development practices and a security-first mindset.

This position is ideal for someone who is genuinely excited about making security accessible to engineering teams and who thrives in a collaborative, remote-work environment.

Primary Responsibilities:

• Implement and maintain secure CI/CD pipelines using Bitbucket Pipelines, AWS CodePipeline, and other automation tools as part of ensuring that security is integrated throughout the software development lifecycle.
• Develop secure “paved roads” including preconfigured Terraform modules, container images, and pipeline templates. Update the paved roads as security requirements and capabilities evolve. Contribute security requirements and standards to the Engineering Foundations.
• Create and maintain guardrails that enable developers to move quickly while automatically enforcing security standards.
• Build and maintain security scanning automation as part of CI/CD pipelines, including vulnerability scanning, static code analysis, and dependency checking.
• Build and maintain Security-as-a-Service offerings for internal use, e.g.:
  • Reusable security tools and libraries
  • Pre-approved design patterns and reference architectures
  • Developer-friendly documentation and how-to guides
• Build and maintain log ingestion pipelines and services to collect security-relevant data. Configure Splunk forwarders, inputs, and parsing configurations to ensure data collection is efficient and actionable.
• Build and maintain automations that streamline security operations and reduce manual processes.
• Embed into software engineering project teams as an assigned security representative.
• Continuously collaborate with the Infrastructure Engineering team, acting as the liaison between Security and Infrastructure Engineering.
• Track security tasks, projects, and vulnerabilities using Jira to ensure steady momentum and proper prioritization.
• Stay current with security automation best practices, emerging threats, and new security technologies.

General Responsibilities:

• Collaborate with the Engineering team, including close partnership with the Infrastructure Engineering team.
• Collaborate with the Security Operations team around Security-as-a-Service offerings, security tooling including logging, compliance responsibilities, and the overarching goal of continuously improving Tessitura’s security posture.
• Implement security solutions designed by security and engineering leaders and architects.
• Maintain and improve Tessitura’s security posture, with a focus on protecting member-owned data.
• Take ownership of nominated security initiatives and foster a security-conscious culture across the organisation.
• Maintain an appropriate understanding of the security risks and compliance requirements that face Tessitura as an international organization.
• Travel 2-3 times per year for meetings and conferences.
• Distributed nature of the workforce may require occasional off hours meetings to support international staff. (flex time as appropriate)
• As a term of employment, the post holder may be required to undertake such other duties and/or times of work as may be reasonably required commensurate with their general level of responsibility within the organization.

Required Skills and Experience:

• A Bachelor’s degree in a field related to computer science, cyber security, or information technology—or recent equivalent experience.
• One to three years of experience in a DevOps, software engineering, cyber security, or application security role.
• Experience securing CI/CD pipelines and working with infrastructure-as-code tools.
• Understanding of AWS security services and infrastructure management.
• Working knowledge of application security testing approaches (e.g. SAST, DAST, SCA).
• Working knowledge of Git version control and branching strategies.
• Familiarity with shift-left and developer-centric approaches to application security—and an ability to design and implement security solutions that support fast, secure software development.
• Experience building or maintaining log ingestion pipelines, including configuring their data inputs and setting up log forwarding.
• A high level of comfort both working independently and being embedded into cross-functional or project teams.
• An effective approach to communicating and partnering with developers that results in practical security outcomes.
• Eagerness to learn new technologies and adapt to new security challenges.
• The legal right to work in the United States.

Preferred Skills and Experience:

• Proficiency in Python for creating automation scripts or security tools.
• Experience in a C# or .NET software engineering ecosystem.
• Experience with Atlassian tools including Bitbucket, Jira, and Confluence.
• Working knowledge of payment card industry security requirements.
• Industry certifications such as:
  • AWS Certified Cloud Practitioner
  • AWS Certified Security – Specialty
  • HashiCorp Certified Terraform Associate
  • GIAC Cloud Security Essentials
  • GIAC Cloud Security Automation
• Experience using container technologies.
• Experience with policy-as-code tools.
• Demonstrated understanding of network security controls and network segmentation principles.

How to apply

Please apply by using the online form. If you have any questions or need assistance, please contact us at [email protected]

Our company is committed to building a team that represents a variety of backgrounds, perspectives, and skills, as well as providing a workplace of mutual respect, free of any discrimination or harassment. We seek to recruit, develop, and retain the most talented people from a diverse candidate pool.

Benefits and Compensation

The compensation reflects a U.S. salary range based on current market data. The candidate’s skills, experience, and other relevant factors will determine the final compensation.

Tessitura Network offers a comprehensive and robust benefits package designed to support our employees’ well-being. Our offerings include various medical, dental, and vision plans, as well as life and AD&D insurance, disability insurance, employee assistance programs, and a 401(k) retirement plan with employer match. We prioritize work-life balance by providing generous paid time off, including vacation and sick leave, 12 weeks of paid parental leave, a 7-week sabbatical after seven years of service, and a recharge week between Christmas and New Year’s. These benefits are available to our fully remote team, with adjustments made as required by local laws.

Diversity, Equity, Accessibility, and Inclusion (DEAI) Commitment

At Tessitura, our mission is to enable arts and cultural organizations to achieve their goals. We recognize that having a diverse team is not only critical to our commitment to adopt equitable behaviors, but it will also fuel collaboration, innovation and creativity as we deliver on our mission.

Creating an environment where everyone feels safe and comfortable in bringing their authentic selves to work is both our pledge and our passion.

Ultimately, providing an accessible and inclusive workplace will allow the Tessitura community to thrive.

Equal Opportunity

Tessitura is an equal opportunity employer and does not unlawfully discriminate against employees and applicants for employment based on race, color, sex, religion, national origin, citizenship status, age, genetic information, sexual orientation, creed, marital status, gender identity and expression, physical or mental disability of an otherwise qualified individual, membership or application for membership in a uniformed service, engaging in legally protected activity, or any other characteristic protected under applicable law. Tessitura also provides reasonable accommodations to applicants and employees in accordance with applicable law. Subject to its legitimate business requirements, Tessitura bases all personnel actions, such as recruitment, hiring, training, promotion, transfer, layoff, recall, compensation and benefits, discipline, termination, and educational, recreational, and social programs, solely on an individual’s qualifications, merit and performance.