Staff Security Engineer

About the role

Aurora's mission is to deliver the benefits of self-driving technology safely, quickly, and broadly. The Aurora Driver will create a new era in mobility and logistics, one that will bring a safer, more efficient, and more accessible future to everyone. At Aurora, you will tackle massively complex problems alongside other passionate, intelligent individuals, growing as an expert while expanding your knowledge. For the latest news from Aurora, visit aurora.tech or follow us on LinkedIn .

Requirements

• Aurora hires talented people with diverse backgrounds who are ready to help build a transportation ecosystem that will make our roads safer, get crucial goods where they need to go, and make mobility more efficient and accessible for all.
• We're searching for a Staff Security Engineer to join our Enterprise Security Engineering team, reporting to the Technical Lead Manager of Security Engineering.
• This is not a security operations-only role. It sits squarely in enterprise security engineering, where the work is designing, building, and owning the platforms, integrations, and automation that power Aurora's internal security posture at scale.
• In this role you will
• Own the architecture and implementation of Aurora's enterprise security controls - designing the systems and integrations that protect Aurora's endpoints, identities, internal infrastructure, and SaaS environment.
• Design and build Aurora's security telemetry and detection infrastructure, including log pipelines, SIEM integrations, and alerting frameworks - in partnership with the Security Operations Engineer who owns ongoing tuning and rule development.
• Define and enforce enterprise security standards, conducting architecture and design reviews to ensure alignment with Aurora's security posture and risk tolerance.
• Partner with IT, Infrastructure, and Engineering teams to embed security requirements early - shifting left on corporate IT initiatives before they become technical debt.
• Build automation and tooling that extends the capabilities of Aurora's security platforms, reduces manual operational burden, and scales the team's impact.
• Serve as the escalation point for enterprise security incidents requiring engineering-level investigation or remediation, and participate in the team's on-call rotation.
• Translate security strategy into concrete, executable engineering projects with clear milestones and measurable outcomes.
• Required qualifications
• 12+ years of hands-on experience in enterprise security engineering or corporate information security - specifically securing employee-facing systems, endpoints, identities, and internal infrastructure (not product or application security).
• Proficiency in at least one programming language, used in a security context - writing production-quality automation, integrations, or internal tooling (the team primarily uses Go; Python is also common).
• Experience architecting and integrating enterprise security platforms - designing API integrations, automating workflows, and building tooling that extends platform capabilities across domains such as EDR/XDR, MDM, IAM/IGA, DLP, SaaS security, cloud security, or PKI.
• Experience designing and building security telemetry pipelines and detection infrastructure - log ingestion, normalization, SIEM integration, and alerting architecture.
• Experience leading cross-functional security engineering projects - defining scope, driving execution, and aligning stakeholders across Engineering and IT.
• Track record of conducting security architecture reviews and translating findings into actionable, risk-prioritized remediation plans.
• Experience evaluating security posture and identifying systemic gaps, with a bias toward building durable solutions rather than one-off fixes.
• Desirable qualifications
• Experience with Zero Trust architecture and identity-centric security models (BeyondCorp-style or similar).
• Familiarity with NIST CSF, MITRE ATT&CK, and CIS Benchmarks as engineering inputs - used to inform what to build and how to validate it, not just as compliance checkboxes.
• Hands-on AWS security experience (SCPs, GuardDuty, Security Hub, IAM, etc.) and familiarity with integrating cloud security signals into a corporate security platform.
• Experience with applied cryptography and PKI in a production enterprise environment - certificate lifecycle management

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Aurora Innovation? Share your experience