Job Title: Senior Security Engineer
Company: HouseCanary
Location: Remote - US

About us:

HouseCanary is a leading real estate data analytics firm on a mission to revolutionize the way properties are valued and transactions are conducted. Our platform is built on cutting-edge technology, with a commitment to exceptional quality and actionable insights.

HouseCanary is the authoritative source for accurate, uniform information that is analyzed and visualized in real-time to allow customers to make better, faster decisions. We’re using data and analytics to predict the future of US residential real estate. Our goal is to help people make better decisions by offering innovative and unparalleled insights. HouseCanary’s platform accurately forecasts values 36 months into the future for three million residential blocks and more than 136 million properties.

About the role:

We are looking for a hands-on Senior Security Engineer to own the security of our AWS environment and product suite. While our industry is not heavily regulated, our customers are - we serve clients in the financial industry who demand both rigorous security standards, and provable conformance.

We’ve invested heavily in building a modern cloud-native infrastructure stack, with segregated AWS accounts, full infrastructure as code and heavy use of automation. You will bridge the gap between compliance requirements and engineering reality. Your job is to automate security controls so that "being compliant" is the default state of our infrastructure, not a manual checklist we scramble to complete before an audit.

Why This Role Matters

In this role, you directly impact our bottom line. By building a transparent, automated, and robust security posture, you reduce the time it takes for our sales team to close enterprise deals. You aren't just protecting servers; you are building the trust that allows our business to grow.

What you'll do:

AWS Infrastructure Security

  • Architecture & Hardening: Design and secure multi-account AWS environments. Manage VPC architecture, Security Groups, and NACLs to ensure strict network segmentation.
  • Identity Management: Enforce least-privilege access using Okta and AWS IAM Identity Center (SSO). Write and refine complex IAM policies to ensure developers have the access they need without over-permissioning.
  • Threat Detection: Tune and manage AWS-native security services (GuardDuty, Security Hub, OpenSearch) to filter noise and focus on high-fidelity alerts.

Customer-Driven Compliance (The "Sales Enabler" Aspect)

  • Automated Governance: Implement AWS Config rules and conformance packs to continuously monitor our environment against frameworks like SOC 2 and CIS.
  • Audit Defense: Act as the technical point of contact for external auditors and customer security reviews. You will translate vague customer questionnaires (CAIQ, VSA) into concrete evidence from our tech stack.
  • Vulnerability Management: Own the process of scanning and remediation, ensuring we meet the SLAs promised in our customer contracts.

DevSecOps & Infrastructure as Code

  • Security as Code: You will not be clicking in the console. Our approach focuses on automation and leverage through code - from common IaC modules to automated security checks embedded into development pipelines.
  • Pipeline Integration: Embed security checks into our CI/CD pipelines to catch misconfigurations before they are deployed.
  • Code Review: Collaborate with engineering teams to review code (Go/TypeScript/Python) and architecture for security flaws, acting as a partner rather than a blocker.

What you'll bring:

  • Modern Coding: Ability to read and understand application code. Experience with Go or TypeScript is a major plus, as it allows you to speak the same language as our developers.
  • AWS Expertise: 5+ years in security, with deep hands-on experience in the AWS ecosystem. You should know the difference between a NACL and a Security Group and how to debug an IAM error in your sleep.
  • Compliance Translation: Experience working in a B2B environment where you had to align engineering practices with customer demands or frameworks like SOC 2 or ISO 27001.
  • IaC Proficiency: Strong experience with Terraform or similar. You treat infrastructure as software and are comfortable writing modules that other teams consume.

Bonus Skills:

  • Experience with "Compliance-as-Code" tools (e.g., Vanta, Drata, or custom AWS Config rules).
  • AWS Security Specialty Certification.
  • Experience in the real estate or finance industry.

Compensation and benefits are extremely market competitive. We are fully remote in the US, so we all work from the comfort of our own homes across the US. The base salary range is $140,000-$200,000 DOE and location. This position is also eligible for equity and a discretionary bonus. As for benefits, we pay 100% of the healthcare premiums for our employees AND their dependents, unaccrued paid time off, and we offer a very robust benefits package!

Resume to: recruiting[at]housecanary.com

HouseCanary is an equal opportunity employer and encourage applications from individuals of all backgrounds. We strongly encourage people of color, women, lesbian, gay, bisexual, transgender, queer and non-binary people, veterans, parents, and individuals with disabilities to apply. HouseCanary welcomes everyone to our team. If you need reasonable adjustments at any point in the application or interview process, please let us know.

Company
About UsCareersPress ResourcesTrust Center
Resources
LegalBrokerage InformationStatusSupport
Legal
Terms & ConditionsPrivacy PolicySLA
NY Standard Operating Procedures
TREC Info About Brokerage Services
TREC Consumer Protection Notice
California DRE #02113022
Copyright © 2024 HouseCanary

HouseCanary, Inc. is a Licensed Real Estate Brokerage in KS, NM, SC and under the Trade Name ComeHome in AL, AK, AZ, CA, CO, CT, DC, DE, FL, GA, HI, IA, ID, IL, IN, KY, LA, MA, MD, ME, MO, MN, MS, MT, NC, ND, NE, NH, NJ, NV, NY, OH, OK, OR, PA, RI, SD, TN, TX, VA, VT, WA, WI, WV, WY. Trade Name ComeHome Real Estate in MI and UT. Trade Name ComeHome by HouseCanary in AR.
AVM Disclosure: An AVM is an estimated sale price for a property. It is not the same as the opinion of value in an appraisal developed by a licensed appraiser under the Uniform Standards of Professional Appraisal Practice.
*HouseCanary’s Price Match Guarantee is only good for like/identical products and proof of competitive pricing is required. HouseCanary reserves the right to exclude anyone from the offer at our discretion.