Senior Security Engineer (Application & Cloud Security)

About the Role

MagicSchool is a fast-growing company that has already made a significant impact in the education sector. With over 7 million teachers on its platform, the company is committed to providing a secure and reliable environment for its users. As a Senior Security Engineer, you will play a vital role in helping the company achieve its mission.

The role is based in the United States and offers the opportunity to work remotely. The ideal candidate will have a strong background in security engineering, with experience in cloud security, vulnerability management, and secure development practices.

What You Will Do

• Champion secure development practices, including threat modeling, code reviews, and dependency monitoring
• Lead the implementation and ongoing management of StackHawk and GitHub Advanced Security for automated scanning and triage of emerging threats
• Partner with IT and engineering leadership to maintain core security infrastructure, including firewall management and privilege access controls
• Serve as a trusted security advisor in architecture conversations, helping teams design systems that are secure by default
• Own the end-to-end IAM security strategy across cloud, SaaS, and internal tooling
• Design and execute threat modeling exercises tailored to the unique attack surface of an AI-powered EdTech platform
• Plan and oversee red team assessments, either internally or through third-party partners
• Serve as first responder and on-call point of contact for security incidents
• Own and evolve incident response playbooks, lead postmortems, and run internal enablement programs

What We Are Looking For

• Hands-on experience with SAST, DAST, and SCA tooling, including StackHawk and GitHub Advanced Security
• Prior involvement in offensive security or red teaming
• Strong experience conducting or facilitating threat modeling using formal frameworks or lightweight iterative approaches
• Technical depth and ability to work directly with engineering teams
• Experience with cloud-native security within AWS and/or Google Cloud
• Strong understanding of identity lifecycle management, SSO/SAML/OIDC configuration, and role-based access controls
• Ability to communicate complex security concepts to non-technical stakeholders
• Experience with incident response and security incident management

Nice to Have

• Experience with Zero Trust security models
• Knowledge of AI-powered EdTech platforms and their unique security challenges
• Familiarity with regulatory requirements such as SOC 2, FERPA, and COPPA

Benefits and Perks

• Competitive salary and benefits package
• Opportunity to work with a fast-growing company that's making a significant impact in the education sector
• Collaborative and dynamic work environment
• Professional development opportunities, including training and conference attendance
• Flexible working hours and remote work options
• Access to cutting-edge technology and tools
• Recognition and reward for outstanding performance

• When applying for this role, make sure to highlight your experience with cloud security, vulnerability management, and secure development practices.
• Be prepared to discuss your approach to threat modeling and how you stay up-to-date with the latest security threats and technologies.
• Showcase your ability to communicate complex security concepts to non-technical stakeholders, such as product managers or designers.
• Emphasize your experience working with engineering teams and your understanding of the importance of security in the development lifecycle.
• Research MagicSchool's products and services, and be prepared to discuss how you can contribute to the company's mission and values.
• Be prepared to provide examples of your experience with incident response and security incident management, and how you handle high-pressure situations.