Security Engineer I

on behalf of:

Braze Romania
At Braze, we have found our people. We're a genuinely approachable, exceptionally kind, and intensely passionate crew.

We seek to ignite that passion by setting high standards, championing teamwork, and creating work-life harmony as we collectively navigate rapid growth on a global scale while striving for greater equity and opportunity – inside and outside our organization.

To flourish here, you must be prepared to set a high bar for yourself and those around you. There is always a way to contribute: Acting with autonomy, having accountability and being open to new perspectives are essential to our continued success.

Our deep curiosity to learn and our eagerness to share diverse passions with others gives us balance and injects a one-of-a-kind vibrancy into our culture.

If you are driven to solve exhilarating challenges and have a bias toward action in the face of change, you will be empowered to make a real impact here, with a sharp and passionate team at your back. If Braze sounds like a place where you can thrive, we can't wait to meet you.

Platform Security Engineers (PSEs) focus on securing the internal infrastructure and platform systems that power our development and production environments. Working at the intersection of engineering and security, PSEs design, implement, and maintain scalable security controls across Kubernetes, AWS, Azure, MongoDB, CI/CD pipelines, and more.

They work closely with the Platform Engineering, Infrastructure, and GRC teams to ensure our systems meet regulatory and audit requirements (e.g., SOX, SOC 2) and that controls are practical and robust. PSEs also own the integration and configuration of SIEM log sources, ensuring high-quality visibility into system activity.

In addition, PSEs manage and deploy security tooling requested by the central Security team, including endpoint protection, cloud access security brokers (CASBs), and monitoring agents (e.g., CrowdStrike, Zscaler). They are responsible for both the technical configuration and platform-level deployment of these systems.

PSEs are hands-on engineers who treat security as an engineering discipline, prioritizing automation, testing, observability, and scalability in everything they build.

What You'll Do
Security Control Implementation

• Design and implement platform-level security controls that align with compliance and business risk.
• Own onboarding of infrastructure and services into the company's SIEM platforms (e.g., Elastic, Datadog).
• Automate security guardrails via CI/CD pipelines, infrastructure-as-code, and policy-as-code systems.
• Implement and validate Kubernetes security controls (e.g., network policies, RBAC, PSP/OPA/Gatekeeper).
• Improve access controls, secret management, encryption configurations, and logging across services.

Security Tooling Deployment

• Deploy and manage security tools and agents (e.g., CrowdStrike, Zscaler) across platform systems.
• Partner with the central Security team to validate tooling requirements and ensure coverage across relevant infrastructure.
• Automate deployment, configuration, and updates of security tools using infrastructure-as-code and scripting.

Collaboration with Internal Teams

• Partner with Platform and Infrastructure teams to design secure-by-default solutions.
• Translate security and compliance requirements into technical designs and implementations.
• Collaborate with GRC, Audit, and Application Security teams to support evidence collection and remediation.

Observability and SIEM Integration

• Maintain and expand logging pipelines from infrastructure services into the SIEM.
• Configure log sources, normalize events, and enable alerting on anomalous behaviors.
• Support compliance evidence requirements by maintaining visibility and audit logs across key systems.

Incident Readiness and Tooling

• Develop and maintain tooling to identify misconfigurations, insecure defaults, or policy drift.
• Participate in incident response activities as needed, contributing platform-level insights.
• Ensure systems are observable, audit-ready, and continuously improving from post-incident learnings.

Experience
WHO YOU ARE

• 3+ years in cloud security, DevSecOps, infrastructure security, or platform engineering roles.
• Hands-on experience implementing controls in cloud-native environments (e.g., AWS, Azure, Kubernetes).
• Experience working with compliance-driven controls (e.g., SOX ITGC, SOC 2, ISO

Skills

• Proficient in infrastructure-as-code and CI/CD tooling (e.g., Terraform, Helm, Jenkins, GitHub Actions).
• Familiarity with logging and SIEM platforms (e.g., Elasticsearch, Datadog, Splunk, Fluentd).
• Experience deploying and configuring security tools like endpoint detection and response (EDR) or CASB.
• Comfortable writing secure automation and scripts (Python, Go, or similar).
• Strong understanding of Kubernetes security controls and best practices.
• Ability to assess risk and prioritize mitigation efforts pragmatically.

Mindset

• Security-focused but enablement-oriented — you help teams move faster, not slower.
• Proactive and curious — you seek to understand systems deeply and improve them continuously.
• Collaborative communicator — able to explain security decisions to technical and non-technical audiences.

What We Offer
Braze benefits vary by location, and we encourage you to review our specific benefits offerings for each country
here
. More details on benefits plans will be provided if you receive an offer of employment.
From offering comprehensive benefits to fostering hybrid ways of working, we've got you covered so you can prioritize work-life harmony. Braze offers benefits such as:

• Competitive compensation that may include equity
• Retirement and Employee Stock Purchase Plans
• Flexible paid time off
• Comprehensive benefit plans covering medical, dental, vision, life, and disability
• Family services that include fertility benefits and equal paid parental leave
• Professional development supported by formal career pathing, learning platforms, and a yearly learning stipend
• A curated in-office employee experience, designed to foster community, team connections, and innovation
• Opportunities to give back to your community, including an annual company-wide Volunteer Week and donation matching
• Employee Resource Groups that provide supportive communities within Braze
• Collaborative, transparent, and fun culture recognized as a Great Place to Work

About Braze
Braze is the leading customer engagement platform that empowers brands to Be Absolutely Engaging. Braze helps brands deliver great customer experiences that drive value both for consumers and for their businesses. Built on a foundation of composable intelligence, BrazeAI allows marketers to combine and activate AI agents, models, and features at every touchpoint throughout the Braze Customer Engagement Platform for smarter, faster, and more meaningful customer engagement. From cross-channel messaging and journey orchestration to Al-powered decisioning and optimization, Braze enables companies to turn action into interaction through autonomous, 1:1 personalized experiences.

The company has repeatedly been recognized as a Leader in marketing technology by industry analysts, and was voted a G2 "Best of Marketing and Digital Advertising Software Product" in 2025.

Braze was also named a 2025 Best Companies To Work For by U.S. News & World Report, a 2025 America's Greatest Companies by Newsweek, and a 2025 Fortune Best Workplace in Technology by Great Place To Work, among other accolades. Braze is also proudly certified as a Great Place to Work in the U.S., the UK, Australia, and Singapore.

The company is headquartered in New York with offices in Austin, Berlin, Bucharest, Chicago, Dubai, Jakarta, London, Paris, San Francisco, São Paulo, Singapore, Seoul, Sydney and Tokyo.

BRAZE IS AN EQUAL OPPORTUNITY EMPLOYER
At Braze, we strive to create equitable growth and opportunities inside and outside the organization.

Building meaningful connections is at the heart of everything we do, and that includes our recruiting practices. We're committed to offering all candidates a fair, accessible, and inclusive experience – regardless of age, color, disability, gender identity, marital status, maternity, national origin, pregnancy, race, religion, sex, sexual orientation, or status as a protected veteran. When applying and interviewing with Braze, we want you to feel comfortable showcasing what makes you
you
.

We know that sometimes different circumstances can lead talented people to hesitate to apply for a role unless they meet 100% of the criteria. If this sounds familiar, we encourage you to apply, as we'd love to meet you.

Please see our
Candidate Privacy Policy
for more information on how Braze processes your personal information during the recruitment process and, if applicable based on your location, how you can exercise any privacy rights.