Job
Description
The Role: We are seeking a Cloud Security Engineer to take on the critical dual responsibility of securing both our internal cloud platform and the core of our multi-cloud networking product. You will be the guardian of our infrastructure and a key contributor to the trust our customers place in our software. This role involves embedding security into every layer of our environment, from the cloud infrastructure that runs our services to the code that powers our customer-facing security features. You will be responsible for ensuring the platform itself is secure and that the security capabilities we deliver are robust, effective, and built on a foundation of best practices. Responsibilities: Cloud Infrastructure Security: Design, implement, and manage robust security controls across our multi-cloud infrastructure (AWS, Azure, GCP). This includes hardening configurations, managing Identity and Access Management (IAM) policies, and enforcing network security group rules to maintain a principle of least privilege. Product Security Integration: Collaborate closely with engineering teams to embed security into the software development lifecycle. You will provide security guidance on new features, conduct threat modeling, and ensure the security features we ship to customers are robust and well-architected. Container and Orchestration Security: Secure our containerized environments by implementing best practices for Docker and Kubernetes security. This includes image scanning, runtime security monitoring, and establishing secure configurations for our orchestration platform. DevSecOps and Code Analysis: Integrate and manage security tooling within our CI/CD pipelines. You will own the static (SAST) and dynamic (DAST) code analysis processes to identify and remediate vulnerabilities early in the development cycle. Incident Response and Monitoring: Develop and maintain monitoring for security events, and lead the response to any security incidents. You will conduct root cause analysis and implement preventative measures to strengthen our security posture. Required Qualifications: 3+ years of experience in a Cloud Security, Product Security, or Application Security role. Hands-on experience securing cloud infrastructure in at least one major cloud provider (AWS, Azure, or GCP), with a strong understanding of IAM, VPCs, and network security groups. Proven experience with container security, including securing Docker images and Kubernetes clusters. Experience implementing and managing static (SAST) and dynamic (DAST) application security testing tools within a CI/CD pipeline. Proficiency in a scripting language (e.g., Python, Go) for security automation. A strong understanding of modern security principles, including threat modeling, vulnerability management, and incident response. Preferred Qualifications: Experience in a multi-cloud environment. Familiarity with Infrastructure as Code (IaC) tools like Terraform and their security implications. Knowledge of common compliance frameworks (e.g., SOC 2, ISO 27001). Relevant security certifications (e.g., CCSP, AWS Certified Security - Specialty, GCSA). Experience working in a fast-paced environment.
