Security Lead Engineer

Copia Automation brings modern developer tools and resiliency to industrial automation. Our product provides Git-based source control for automation professionals as well as remote, real-time monitoring of the entire plant floor + state of the art backup and recover technology. We are a well-funded startup and with a growing list of happy customers throughout the industrial space.

​

As a Copia employee, you’ll solve challenging, unique, and meaningful problems alongside passionate coworkers, while we change the way everything gets built.

​

We’re seeking a Senior Security Engineer to strengthen our threat model and implement robust security controls across multiple domains. In this role, you’ll lead initiatives to secure both cloud and on-premises infrastructure — spanning networks, endpoints, identity and access management, and data protection. You’ll design and automate security solutions, integrate them into CI/CD pipelines, and enhance detection, response, and hardening across environments.

​

You are a self-starter who thrives with minimal supervision, capable of independently driving complex security projects from concept to production. You prioritize effectively, communicate clearly with cross-functional teams, think creatively to address emerging threats, and deliver exceptional, measurable results.

​

What you'll do:

​

• Develop, tune, and automate detection and alerting pipelines; support incident response investigations and root-cause analysis
• Lead endpoint and server hardening efforts across Windows, macOS, and Linux systems, ensuring secure configurations and continuous compliance
• Mature and maintain enterprise detection and response capabilities; drive toward 100% visibility and monitoring coverage across all assets
• Oversee vulnerability management lifecycle — from scanning and triage to remediation tracking and executive reporting
• Design and implement security automation to streamline access management, alert triage, and compliance evidence collection
• Develop, enforce, and continuously refine Zero Trust Network Access (ZTNA) policies for both on-premises and cloud environments
• Collaborate with engineering teams to support threat modeling, application security reviews, and secure-by-design architecture decisions

​

What you'll need:

​

• 7+ years of experience in security engineering, cloud security, or incident response, ideally within a SaaS or cloud-native company operating at scale
• Deep understanding of AWS security services (GuardDuty, IAM, KMS, CloudTrail, etc.) and best practices for securing multi-account environments
• Hands-on experience with endpoint and server monitoring using CrowdStrike, including API integrations and telemetry enrichment across the monitoring stack
• Expertise designing, tuning, and maintaining SIEM and detection pipelines in Datadog, including custom metrics, dashboards, and automated alert workflows
• Strong proficiency with Terraform, including secure IaC design, module development, and policy-as-code implementations
• Familiarity with operational technology (OT) security, including segmentation, asset discovery, and threat detection in industrial or lab environments
• Experience automating security operations using Python, PowerShell, or Bash for orchestration and response workflows
• Strong understanding of vulnerability management, patch governance, and remediation prioritization strategies
• Experience implementing Zero Trust Network Access (ZTNA) and securing hybrid cloud/on-prem environments.

​

$172,000 - $215,000 a year

​

Benefits include unlimited PTO, employer-subsidized healthcare through Aetna, commuter benefits, in-office lunches, and more! Full-time, permanent employees also receive generous equity packages.

​

Come join us!

​

Copia is growing extraordinarily fast! Join a best-in-class start-up with huge amounts of upside and impact. Our headquarters is in New York City.