Back to Jobs

Senior Cloud Security Engineer

Remote, US
Full-TimeRemote, USOther

Job Description

The Senior Cloud Security Engineer position will report to the Head of Security.

As the Senior Cloud Security Engineer, you will

  • Partner with Infrastructure Engineering to align security controls with architecture, participating in design reviews and threat modeling sessions.
  • Lead infrastructure-focused security initiatives that strengthen system resilience, like backup integrity and network access control.
  • Manage and tune web protection platforms including WAF, bot mitigation, and DDoS tools, collaborating with teams to harden externally exposed services and reduce false positives.
  • Operate and maintain cloud-native security tools including CSPM, XDR, DLP, and CASB to protect sensitive data, detect cloud threats, secure SaaS usage, and enforce secure cloud configurations.
  • Apply secure configuration baselines acrossAWS, Kubernetes, and containerized environments, integrating them into IaC workflows and CI/CD pipelines to support secure-by-default deployments.
  • Implement secure access technologies including VPNs, remote access, identity-aware proxies, and zero-trust networking solutions, tightly integrating IAM and monitoring across AWS and SaaS platforms.
  • Build and maintain infrastructure telemetry pipelines that feed SIEM, and IDS platforms, correlating events with vulnerability scanning data and tuning detections in collaboration with Security Operations.
  • Automate control enforcement using policy-as-code and integrate cloud telemetry with GRC platforms to streamline compliance workflows and evidence collection.

About You

  • 6+ years of experience in security engineering, infrastructure security, or cloud security roles.
  • 2+ years focused on AWS cloud environments, including security tooling and service hardening.
  • Hands-on experience with SIEM, CSPM, XDR/EDR, CASB, vulnerability scanners, WAF, and DNS filtering.
  • Strong scripting or programming experience (Python, Go, Shell, or equivalent).
  • Familiarity with IaC and cloud automation tools (e.g., Terraform, Ansible, CloudFormation).

Even Better

  • Professional security certifications (e.g., AWS Security Specialty, GCLD, CCSP, CCSK).
  • Experience with container runtime security and Kubernetes RBAC controls.
  • Familiarity with immutable infrastructure concepts and backup resiliency practices.
  • Working knowledge of regulatory frameworks like SOC 2, FFIEC, GLBA, or NY DFS.
  • Experience supporting detection infrastructure and compliance automation.

Where

  • This role will be based in the US.

#LI-NS1