Cloud Security Engineer

About WorkOS 🚀WorkOS builds tools and services for developers to help them implement authentication, identity, authorization, and overall enterprise readiness. We’re a fully distributed team with employees across North American time zones. We’re well-funded, having raised an $80M Series B. Our fast-growing customer base includes hundreds of rapidly growing SaaS companies like OpenAI, Vercel, Perplexity and Cursor.
About the Security TeamThe Security team at WorkOS is responsible for protecting our infrastructure, data, and systems at scale. As a Cloud Security Engineer, you’ll focus on the security of our cloud environments and infrastructure—making sure that everything from IAM policies to network boundaries is configured with least privilege and built to withstand real-world threats.
This is a hands-on role that blends security engineering with deep infrastructure context. You’ll partner with Infra and SRE teams to improve visibility, tighten controls, and embed security into the core of our cloud-native architecture.
Who we’re looking forWe’re looking for an engineer who enjoys digging into cloud platforms, surfacing misconfigurations, and building scalable controls that don’t slow teams down. You might be a great fit if you:
- Have experience securing cloud-native infrastructure and understand how cloud services can be abused- Enjoy working across IAM, network architecture, container security, and infrastructure as code- Think systematically about reducing risk, not just patching symptoms- Are pragmatic—balancing security posture with developer velocity and operational simplicity- Collaborate well with engineers across disciplines and communicate clearly- Are proactive, self-directed, and curious by nature

What you'll be doing

• Design and implement security controls across our AWS environments and Kubernetes infrastructure
• Identify and resolve misconfigurations, over-permissive access, and vulnerable patterns in cloud resources
• Improve tooling and automation for IAM, secrets management, and resource provisioning
• Partner with Infrastructure and SRE teams to embed security into infrastructure design and CI/CD workflows
• Define and monitor for cloud security signals—unusual access, configuration drift, privilege escalation paths
• Contribute to our threat modeling, risk assessments, and security incident response
• Help with audit and compliance readiness (SOC 2, ISO 27001), focusing on scalable enforcement rather than checklists
• Document systems and build internal security knowledge and shared context

Requirements

• Experience securing cloud infrastructure (we use AWS) in a production environment
• Familiarity with IAM, networking, Kubernetes, and infrastructure as code (Terraform preferred)
• Understanding of cloud attack techniques and how to mitigate them
• Comfort working independently and collaboratively in a high-autonomy environment
Nice to have
• Experience building internal security tooling or automation
• Familiarity with compliance frameworks (SOC 2, ISO 27001)

The annual US base salary falls within the range of $175,000 to $250,000. This range does not encompass the full spectrum of benefits such as equity, health insurance, vacation time, and paid parental leave. This salary range covers multiple levels of engineering roles and final compensation will be determined considering various factors, including experience, skills, and qualifications.
Benefits (US Only) 💖At WorkOS, we offer resources that emphasize personal and familial well-being. We offer healthcare coverage for you and your family, including medical, dental, and vision. We offer parental leave, paid-time off and fully remote working arrangements.
Benefits include:- Competitive pay- Substantial equity grants- Healthcare insurance (Medical, Dental and Vision) for you and your family- 401k matching- Wellness and fitness monthly allowances- PTO + paid holidays + unlimited sick leave- Autonomy and flexibility with remote workPlease inquire directly with our recruiting team for benefits available to those working outside the US.
Equal Opportunity EmployerWorkOS is an equal opportunity employer, committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.