Avetta’s SaaS platform connects the world’s leading organizations with qualified suppliers, contractors, and vendors. We bring unmatched visibility to companies through cloud-based technology and human insights. As a result, we foster sustainable growth for businesses and their supply chains. Our SaaS subscription software is used by 85k+ active customers in over 100 countries.
SUMMARY:
Avetta is seeking an experienced and highly skilled Senior Cybersecurity Engineer to join our team. In this role, you will serve as a key technical contributor driving the maturity and effectiveness of our security program and AI initiatives. You will architect, build, and operationalize advanced security controls, partnering closely with R&D, development, and architecture teams to embed security throughout the software development lifecycle and strengthen our defense-in-depth strategy.
We are looking for an engineer who proactively identifies emerging threats, evaluates and implements modern security technologies including driving the use of AI, and elevates our capabilities through innovative problem solving and continuous improvement. This role will also provide technical guidance to peers, influence secure engineering practices, and support critical cybersecurity functions such as vulnerability management, detection and response, identity and access management, and audit/compliance efforts. Your work will directly shape and enhance the security posture of the organization.
Preference will be given to candidates who reside within a commutable distance to Avetta’s Lehi, UT office (3300 Triumph Blvd, Suite 800, Lehi, UT 84043) and are able to follow a hybrid work schedule of three days in-office and two days remote each week.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Design, automate, and validate security controls across enterprise, cloud, and product environments to enhance defense-in-depth
- Lead efforts to embed security into CI/CD pipelines and development workflows, partnering with engineering to mature DevSecOps practices
- Evaluate, implement, and operationalize cybersecurity platforms and tooling
- Establish and enforce secure configuration baselines and system hardening standards
- Serve as a security engineering point-of-contact for internal teams, providing expert guidance and mentoring less experienced engineers
- Review and improve infrastructure-as-code, pipelines, and automation frameworks to ensure secure design and deployment practices
- Own vulnerability and misconfiguration lifecycle policies and procedures
- Identify and recommend secure use cases for AI/ML technologies within the business, ensuring safe and compliant adoption
- Monitor industry threat trends and provide proactive recommendations
- Review business initiatives, architecture proposals, and roadmaps to identify security risks and design scalable mitigation strategies
- Contribute to and refine security policies, standards, and operating procedures; promote adoption across engineering teams
PREFERRED QUALIFICATIONS:
Knowledge & Application
- Applies advanced cybersecurity and engineering expertise to architect and mature complex security controls and systems
- Develops innovative, effective solutions to sophisticated security challenges across cloud, product, and enterprise environments
- Influences secure design and operational practices across teams by integrating security principles with engineering, infrastructure, and business needs
- Drives adoption of established security frameworks while shaping new standards, patterns, and capabilities to improve organizational security maturity
Complexity & Problem Solving
- Analyzes complex security issues and architectures, applying deep technical evaluation to variable risk and threat factors
- Selects and defines security methods, tools, and approaches for new initiatives, exercising sound judgment and technical discretion
- Adapts and applies advanced security techniques and evaluation criteria to achieve effective, scalable solutions
- Delivers results aligned with security and organizational objectives, with work reviewed primarily for strategic consistency rather than guidance in execution
Collaboration & Interaction
- Builds strong cross-functional relationships and collaborates with teams beyond security to drive secure business outcomes
- Tailors communication style and uses influence to advocate for security priorities in a way that supports broader organizational goals
- Advises stakeholders and technical teams on complex security matters, serving as a trusted subject-matter resource
- May guide team efforts to deliver tactical security objectives aligned with business needs and priorities
IDEAL EDUCATION & EXPERIENCE:
- A Bachelor’s Degree in Information Technology, Cybersecurity, or a related field
- 6+ years of Cybersecurity experience
#LI-HYBRID