Lead Security Engineer
Copia Automation brings modern developer tools and resiliency to industrial automation. Our product provides Git-based source control for automation professionals as well as remote, real-time monitoring of the entire plant floor + state of the art backup and recover technology. We are a well-funded startup with a growing list of happy customers throughout the industrial space.
As a Copia employee, you’ll solve challenging, unique, and meaningful problems alongside passionate coworkers, while we change the way everything gets built.
About the Role
We’re seeking a Senior Security Engineer to strengthen our threat model and implement robust security controls across multiple domains. In this role, you’ll lead initiatives to secure both cloud and on-premises infrastructure — spanning networks, endpoints, identity and access management, and data protection. You’ll design and automate security solutions, integrate them into CI/CD pipelines, and enhance detection, response, and hardening across environments.
You are a self-starter who thrives with minimal supervision, capable of independently driving complex security projects from concept to production. You prioritize effectively, communicate clearly with cross-functional teams, think creatively to address emerging threats, and deliver exceptional, measurable results.
Responsibilities
- Develop, tune, and automate detection and alerting pipelines; support incident response investigations and root-cause analysis
- Lead endpoint and server hardening efforts across Windows, macOS, and Linux systems, ensuring secure configurations and continuous compliance
- Mature and maintain enterprise detection and response capabilities; drive toward 100% visibility and monitoring coverage across all assets
- Oversee vulnerability management lifecycle — from scanning and triage to remediation tracking and executive reporting
- Design and implement security automation to streamline access management, alert triage, and compliance evidence collection
- Develop, enforce, and continuously refine Zero Trust Network Access (ZTNA) policies for both on-premises and cloud environments
- Collaborate with engineering teams to support threat modeling, application security reviews, and secure-by-design architecture decisions
Requirements
- 7+ years of experience in security engineering, cloud security, or incident response, ideally within a SaaS or cloud-native company operating at scale
- Deep understanding of AWS security services (GuardDuty, IAM, KMS, CloudTrail, etc.) and best practices for securing multi-account environments
- Hands-on experience with endpoint and server monitoring using CrowdStrike, including API integrations and telemetry enrichment across the monitoring stack
- Expertise designing, tuning, and maintaining SIEM and detection pipelines in Datadog, including custom metrics, dashboards, and automated alert workflows
- Strong proficiency with Terraform, including secure IaC design, module development, and policy-as-code implementations
- Familiarity with operational technology (OT) security, including segmentation, asset discovery, and threat detection in industrial or lab environments
- Experience automating security operations using Python, PowerShell, or Bash for orchestration and response workflows
- Strong understanding of vulnerability management, patch governance, and remediation prioritization strategies
- Experience implementing Zero Trust Network Access (ZTNA) and securing hybrid cloud/on-prem environments.
Compensation & Benefits
- Salary: $172,000 - $215,000 a year
- Benefits include unlimited PTO, employer-subsidized healthcare through Aetna, commuter benefits, in-office lunches, and more!
- Full-time, permanent employees also receive generous equity packages.
This position is hybrid out of our New York City HQ.
About Copia
Copia is growing extraordinarily fast! Join a best-in-class start-up with huge amounts of upside and impact. Our headquarters is in New York City.