Recently named one of Entrepreneur magazine’s Top 100 Cannabis Leaders, Cresco Labs is one of the largest vertically-integrated multi-state cannabis operators in the United States. Cresco is built to become the most important company in the cannabis industry by combining the most strategic geographic footprint with one of the leading distribution platforms in North America. Employing a consumer-packaged goods (“CPG”) approach to cannabis, Cresco’s house of brands is designed to meet the needs of all consumer segments and includes some of the most recognized and trusted national brands including Cresco, Remedi and Mindy’s, a line of edibles created by James Beard Award-winning chef Mindy Segal. Sunnyside*, Cresco’s national dispensary brand is a wellness-focused retailer designed to build trust, education and convenience for both existing and new cannabis consumers. Recognizing that the cannabis industry is poised to become one of the leading job creators in the country, Cresco has launched the industry’s first national comprehensive Social Equity and Educational Development (SEED) initiative designed to ensure that all members of society have the skills, knowledge and opportunity to work in and own businesses in the cannabis industry. 


At Cresco Labs, we aim to lead the nation’s cannabis industry with a focus on regulatory compliance, product consistency, and customer satisfaction. Our operations bring legitimacy to the cannabis industry by acting with the highest level of integrity, strictly adhering to regulations, and promoting the clinical efficacy of cannabis. As Cresco grows, we will operate with the same level of professionalism and precision in each new market we move in to.

Cresco Labs is seeking a Security Engineer for our IT Security Team to secure Cresco Labs AWS platform. This role is a highly specialized technical position with experience in cloud security architecture as well as cloud network and security configurations function including cloud native resource deployment.  Senior Security Engineer will define cloud security best practices on the AWS platform and work with a dynamic team on development and deployment of security applications and data controls to those best practices.  The engineer will take part in analysis, documentation, development, and implementation of software system requirements in support of security and governance. The engineer will also participate in the evaluation of 3rd party software, integration features and functions as they relate to meeting security requirement.  This role may also include on-call responsibilities to respond to security alerts in Cresco Labs’ AWS environment.   


  • Closely collaborate with security Director and Security architect in developing cloud security frameworks for the enterprise
  • Develop and execute Cloud Security Strategy using AWS Services to proactively identify risk and drive remediation's.
  • Technical lead for projects to deploy and manage various security solutions in the AWS cloud
  • Work with application and infrastructure teams to design and architect secure cloud infrastructure and applications, which also meet with regulatory compliance
  • Be the hands-on technical specialist to handle any tasks necessary to establish and maintain secure cloud environment
  • Develop and own cloud strategy for preventive as well as detective security measures in AWS
  • Perform security assessment, identify key risks & gaps, then execute workstreams to address them
  • Provides security expertise for cloud-based DevOps development and deployment
  • Work on improvements including the development of new tools, automation, and integration
  • Have expert knowledge of Data Loss Prevention principles and apply that knowledge in their daily cloud security work
  • Develop, maintain, and report on key cloud security metrics – both as a program and on an individual basis; creating metric templates and scoring models
  • Provide on-call support to respond to security incidents, as and when needed


  • 5+ years’ experience in information security.
  • Bachelor’s degree in computer science, specialized systems training, or equivalent work experience.
  • Advanced experience with AWS Services such as CloudFormation, IAM Policies, EC2, Lambda, S3, Glaciers, Multi-region VPC, Security Groups, Route53, ALB/ELB/NLB, CloudWatch and CloudTrail
  • Experience in security gaps and risk assessments and identify appropriate security countermeasures
  • Experience in 3rd party integration design
  • Sound knowledge of cloud security standards
  • Experience and knowledge of tools from various levels of deployment stacks
  • Experience in an operational and/or user support organization for a minimum of 2-5 years.
  • Working knowledge of industry-recognized cloud security tools including antivirus solutions, FIM, whitelisting, SIEM, IDS/IPS, enterprise encryption solutions, and endpoint security
  • Experience in scripting and programming languages such as ruby, Perl, python, javascript, PowerShell, shell, etc.
  • Experience responding to and resolving security-based incidents
  • Strong, organizational, analytical, and interpersonal skills
  • Ability to communicate complex technical concepts effectively both orally and in writing
  • Ability to execute with a sense of urgency


  • AWS certifications – AWS Certified Security
  • Security or network certifications including the CISSP (Certified Information Systems Security Professional), GIAC, CEH (Certified Ethical Hacker), GREM, and CCSP (Certified Cloud Security Professional, CompTIA Security+, ITIL v3, 
  • Experience in responding to and using analysis tools to investigate and analyze Cyber Attacks in AWS ecosystem.
  • Experience in malware analysis (debuggers, disassemblers, and hex editors) and remediation and mitigation strategies


  • Must be 21 years of age or older to apply
  • Must comply with all legal or company regulations for working in the industry 

Cresco Labs is an Equal Opportunity Employer and all applicants will be considered without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

Apply for this Job

* Required