Senior Engineer - Cloud Security
First Due
Job Description
This is a remote position.
About the Role
First Due, an industry-leading public safety SaaS company, is searching for an experienced Senior Engineer with deep cloud security expertise to help strengthen and scale the security posture of our mission-critical SaaS platform. This role sits at the intersection of infrastructure, security, and compliance, and will play a key part in preparing our organization to meet NIST 800-53 and other regulatory frameworks, including SOC 2 Type II, PCI DSS and others.
The ideal candidate will combine a strong technical foundation in AWS infrastructure with hands-on security engineering experience, exceptional attention to detail, and the ability to communicate effectively with both internal teams and customers.
Key Responsibilities
- Lead cloud security initiatives across AWS infrastructure, ensuring alignment with best practices, company policies, and NIST 800-53 requirements.
- Design and implement secure infrastructure patterns, including network segmentation, encryption, IAM policies, and secrets management.
- Collaborate with engineering, product, and compliance teams to build security into every layer of our SaaS platform lifecycle.
- Own the cloud security roadmap, driving projects to improve observability, vulnerability management, and overall risk reduction.
- Prepare and guide the company through NIST 800-53 readiness, including documentation, evidence gathering, and control implementation.
- Respond to customer security questionnaires and audits, providing detailed, accurate, and timely responses that represent the company’s security posture.
- Develop and maintain security automation and monitoring systems, leveraging tools such as AWS Config, GuardDuty, Security Hub, or third-party solutions (e.g., Wiz, Prisma Cloud, Datadog Security).
- Establish and enforce least-privilege IAM policies and conduct regular access reviews.
- Improve system observability and reliability through enhanced logging, metrics, and alerting for security and infrastructure health.
- Partner with engineering teams to perform secure code reviews, threat modeling, and security design reviews for new features.
- Assist with incident response, root cause analysis, and post-incident reviews to strengthen system resilience.
- Mentor peers and promote a culture of security-first engineering across the organization.
Key Qualifications and Experience:
Required:
- 5–8+ years of experience in cloud infrastructure or DevOps engineering, with a strong focus on AWS (EC2, RDS, ElastiCache, IAM, CloudFormation/Terraform, VPC, KMS, etc.).
- Proven experience implementing cloud security best practices—including network hardening, encryption, key management, and vulnerability remediation.
- Deep familiarity with security frameworks (e.g., NIST 800-53, FedRAMP, SOC 2, ISO 27001, CIS Benchmarks).
- Experience responding to customer security assessments and due diligence questionnaires.
- Hands-on experience with monitoring and observability tools (CloudWatch, Datadog, Prometheus, etc.) and SIEM/SOC integrations.
- Strong understanding of PostgreSQL security and database hardening in a cloud environment.
- Solid scripting or automation skills (Python, Bash, or similar) for infrastructure security automation.
- Excellent written and verbal communication skills — especially in explaining security controls to non-technical stakeholders and customers.
- A mindset that balances security, performance, and scalability.
- A passion for solving complex problems at the intersection of infrastructure and security.
- Strong cross-functional collaboration skills with compliance, legal, product, and customer teams.
- The ability to translate technical controls into clear business value and compliance evidence.
- Initiative and ownership to identify vulnerabilities and drive mitigation end-to-end.
Preferred
- Experience participating in or preparing for FedRAMP, SOC 2, ISO 27001, or similar compliance audits.
- Background in threat detection, incident response, or forensics in cloud environments.
- Familiarity with container security (EKS, ECS, or Kubernetes security hardening).
- Security certifications such as AWS Certified Security – Specialty, CISSP, or CCSP.
- Prior experience in a SaaS company or highly regulated industry (government, healthcare, finance).
We welcome a diverse workforce! If you don’t fit all the qualifications for the job listed above but feel you bring unique experience and perspective that would serve this role and First Due well, we encourage you to apply.
All applicants must be authorized to work for any US employer in the United States. Locality Media Inc. is unable to sponsor or transition sponsorship ownership of employment visas at this time. Hiring is contingent upon candidates successfully passing a criminal background check. As part of the I-9 verification of authorization to work in the US, Locality Media Inc. participates in E-Verify.
Physical Demands and Work Environment
This role is fully remote with minimal travel expectations at this time. Reasonable accommodation may be made to enable qualified employees and applicants to perform the essential functions as outlined above. If you require an accommodation during the interview process, please reach out to people@firstdue.com.
Working at First Due
First Due offers a comprehensive compensation and benefits package for eligible employees, including competitive pay, medical, dental, and vision coverage, FSA/HSA, 401(k), flexible PTO, a fully remote workplace, a technology stipend, opportunities for advancement, and other benefits and perks that set our team apart. Visit www.firstdue.com to learn more.
If you are a resident of a state requiring wage transparency, please reach out to people@firstdue.com for a reasonable estimate of annual base compensation and any eligible incentive compensation. The actual compensation offered to successful candidates for roles may be higher or lower, based on non-discriminatory criteria including but not limited to relevant professional experience, geographic location, knowledge, skills, and abilities. This range will be reviewed on a regular basis.
About First Due
First Due is re-imagining Fire and EMS by providing a modern cloud-based platform that allows agencies to run their entire operation in one place. From Fire Prevention, Pre-Incident Planning, Incident Reporting, Scheduling, Asset Management, Reporting, Response and more, First Due is leading the public safety software industry through next-generation technology and innovation.
Locality Media LLC First Due is an equal opportunity employer. We do not discriminate in any aspect of employment on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status, or any other protected status or class. We are committed to promoting an environment of respect, acceptance, diversity and inclusivity, and equal opportunity. Discrimination and harassment of any type in any form will not be tolerated.
When you apply for a role at Locality Media, we will collect some personal data, including information from your application, resume, or LinkedIn profile. This information is used during the interview and candidate evaluation process for opportunities at First Due and is only shared internally. Please review our candidate privacy notice here.