Recently named one of Entrepreneur magazine’s Top 100 Cannabis Leaders, Cresco Labs is one of the largest vertically-integrated multi-state cannabis operators in the United States. Cresco is built to become the most important company in the cannabis industry by combining the most strategic geographic footprint with one of the leading distribution platforms in North America. Employing a consumer-packaged goods (“CPG”) approach to cannabis, Cresco’s house of brands is designed to meet the needs of all consumer segments and includes some of the most recognized and trusted national brands including Cresco, Remedi and Mindy’s, a line of edibles created by James Beard Award-winning chef Mindy Segal. Sunnyside*, Cresco’s national dispensary brand is a wellness-focused retailer designed to build trust, education and convenience for both existing and new cannabis consumers. Recognizing that the cannabis industry is poised to become one of the leading job creators in the country, Cresco has launched the industry’s first national comprehensive Social Equity and Educational Development (SEED) initiative designed to ensure that all members of society have the skills, knowledge and opportunity to work in and own businesses in the cannabis industry. 


At Cresco Labs, we aim to lead the nation’s cannabis industry with a focus on regulatory compliance, product consistency, and customer satisfaction. Our operations bring legitimacy to the cannabis industry by acting with the highest level of integrity, strictly adhering to regulations, and promoting the clinical efficacy of cannabis. As Cresco grows, we will operate with the same level of professionalism and precision in each new market we move in to.

Cresco Labs is seeking a Security Engineer for our IT Security Team to secure Cresco Labs AWS platform. This role is a highly specialized technical position with experience in cloud security architecture as well as cloud network and security configurations function including cloud native resource deployment.  Senior Security Engineer will define cloud security best practices on the AWS platform and work with a dynamic team on development and deployment of security applications and data controls to those best practices.  The engineer will take part in analysis, documentation, development, and implementation of software system requirements in support of security and governance. The engineer will also participate in the evaluation of 3rd party software, integration features and functions as they relate to meeting security requirement.  This role may also include on-call responsibilities to respond to security alerts in Cresco Labs’ AWS environment.   


  • Closely collaborate with security Director and Security architect in developing cloud security frameworks for the enterprise
  • Develop and execute Cloud Security Strategy using AWS Services to proactively identify risk and drive remediation's.
  • Technical lead for projects to deploy and manage various security solutions in the AWS cloud
  • Work with application and infrastructure teams to design and architect secure cloud infrastructure and applications, which also meet with regulatory compliance
  • Be the hands-on technical specialist to handle any tasks necessary to establish and maintain secure cloud environment
  • Develop and own cloud strategy for preventive as well as detective security measures in AWS
  • Perform security assessment, identify key risks & gaps, then execute workstreams to address them
  • Provides security expertise for cloud-based DevOps development and deployment
  • Work on improvements including the development of new tools, automation, and integration
  • Have expert knowledge of Data Loss Prevention principles and apply that knowledge in their daily cloud security work
  • Develop, maintain, and report on key cloud security metrics – both as a program and on an individual basis; creating metric templates and scoring models
  • Provide on-call support to respond to security incidents, as and when needed


  • 5+ years’ experience in information security.
  • Bachelor’s degree in computer science, specialized systems training, or equivalent work experience.
  • Advanced experience with AWS Services such as CloudFormation, IAM Policies, EC2, Lambda, S3, Glaciers, Multi-region VPC, Security Groups, Route53, ALB/ELB/NLB, CloudWatch and CloudTrail
  • Experience in security gaps and risk assessments and identify appropriate security countermeasures
  • Experience in 3rd party integration design
  • Sound knowledge of cloud security standards
  • Experience and knowledge of tools from various levels of deployment stacks
  • Experience in an operational and/or user support organization for a minimum of 2-5 years.
  • Working knowledge of industry-recognized cloud security tools including antivirus solutions, FIM, whitelisting, SIEM, IDS/IPS, enterprise encryption solutions, and endpoint security
  • Experience in scripting and programming languages such as ruby, Perl, python, javascript, PowerShell, shell, etc.
  • Experience responding to and resolving security-based incidents
  • Strong, organizational, analytical, and interpersonal skills
  • Ability to communicate complex technical concepts effectively both orally and in writing
  • Ability to execute with a sense of urgency


  • AWS certifications – AWS Certified Security
  • Security or network certifications including the CISSP (Certified Information Systems Security Professional), GIAC, CEH (Certified Ethical Hacker), GREM, and CCSP (Certified Cloud Security Professional, CompTIA Security+, ITIL v3, 
  • Experience in responding to and using analysis tools to investigate and analyze Cyber Attacks in AWS ecosystem.
  • Experience in malware analysis (debuggers, disassemblers, and hex editors) and remediation and mitigation strategies


  • Must be 21 years of age or older to apply
  • Must comply with all legal or company regulations for working in the industry 

Cresco Labs is an Equal Opportunity Employer and all applicants will be considered without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

Apply for this Job

* Required

When autocomplete results are available use up and down arrows to review
+ Add Another Education

U.S. Equal Opportunity Employment Information (Completion is voluntary)

Individuals seeking employment at Cresco Labs are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.