Senior Cloud Security Engineer

Job Overview

We are seeking an innovative and experienced Senior Cloud Security Engineer to secure Posit’s cloud infrastructure. The ideal candidate will be a systems thinker with deep cloud security expertise and a proven track record in building secure, scalable solutions for cloud-hosted and on-premise software. You’ll play a crucial role in shaping our security architecture, implementing robust controls, and ensuring the security of our multi-tenant environments and software supply chain.

Our department's mission is to ensure the security of Posit’s employees, assets, and customer data. We achieve this through secure architecture design, threat detection and response, supply chain security, secure development practices, and security operations, enabling innovation with right-sized security controls.

Since its inception, Posit has operated as a 100% distributed company with a SaaS-based infrastructure. This presents unique challenges and requires pragmatism and creativity to be successful. This position requires the ability to be design and systems focused in support of your team and colleagues.

Key Responsibilities

Own

• Architect and implement security controls for AWS-hosted applications and multi-tenant environments (GCP, Azure)
• Design and maintain secure infrastructure patterns using Infrastructure as Code
• Lead cloud security incident investigations and response efforts
• Implement comprehensive supply chain security controls
• Improve automated threat detection and response capabilities
• Create and maintain cloud security incident response playbooks
• Design security architecture standards for new application components

Assist

• Contribute directly to Posit product reference architecture, lending security expertise to design decisions
• Support  compliance initiatives for cloud infrastructure by creating processes and providing evidence of security controls
• Drive security monitoring strategy across cloud infrastructure

Teach

• Guide teams in performing secure DevOps practices
• Collaborate on technical documentation and standards

Learn

• Using AI to improve Cloud Security and ways to protect software development and Posit customers from AI threats
• Data science workflows to report on security telemetry systems

About You

• Deep expertise in AWS security architecture and services
• Understanding of Google Cloud and Microsoft Azure security architecture and services
• Strong background in securing multi-tenant environments
• Extensive experience with security controls with an emphasis on vulnerability management and detection of misconfigurations
• Proficiency in Python for security automation and the creation of reusable workflows using GitHub Actions
• Experience with cloud security platforms
• Knowledge of software supply chain security
• Expertise with security telemetry systems and SIEM platforms
• Strong background in Infrastructure as Code (Pulumi preferred)
• Excellent written communication for use by other engineers and operators
• Experience with container security and container orchestration platforms (Kubernetes)
• Knowledge of compliance frameworks (SOC 2, ISO 27001)

Posit offers competitive compensation with extensive human-first, people-focused benefits to prioritize your personal and financial well-being. Individual pay decisions are based on a number of factors, including qualifications for the role, experience level, and skillset. This hiring range reflects base salary and assumes that the job will be performed in the United States.

Hiring Range$143,200—$200,500 USD

Working at Posit:

• We welcome all talented colleagues and are committed to a culture that represents diversity in all its forms.
• We prioritize giving ourselves “focus time” to get deep work done. We minimize meetings and attempt to operate asynchronously.
• We are a learning organization and take mentorship and career growth seriously. We hope to learn from you and we anticipate that you will also deepen your skills, influence, and leadership as a result of working at Posit.
• We operate under a unique sustainable business model: We have over 50% of our engineering dedicated to creating free and open source software.  We are profitable and we plan to be around decades from now.
• Posit is a Public Benefit Corporation (PBC) and a Certified B Corporation®, which means our open-source mission is codified into our charter. As a result, our corporate decisions balance the community's interests, customers, employees, and shareholders. Hear more about why we think this matters here.

Notable:

We offer competitive compensation with extensive human-first, people-focused benefits to prioritize your personal and financial well-being.

• 100% of medical, dental, and vision insurance premiums are covered for employees and their families! Fertility and gender-affirming healthcare is included in all of our plans.
• Supplemental mental health and wellness benefits are available via Ginger even if you don’t opt in to our insurance plans, including Ginger for teen family members.
• Posit's gender-neutral paid parental leave policy covers all new parents, including foster and adoptive parents.
• All full-time employees are eligible for 401k enrollment starting on day one.
• After six months of employment, Posit provides a substantial yearly match to employee 401K contributions.
• An annual profit-sharing bonus for employees recognizes our team’s contributions to company performance across the year.
• We are a 100% distributed team. You are also welcome to come into our Boston office. 
• We offer a $400 monthly reimbursement for coworking space rental if you prefer to work away from home. 
• Our Lifestyle Savings Account offers an initial deposit of $1800 and then an additional quarterly stipend of $375 to cover the costs of professional development, wellness, financial health, charitable giving, and remote work support.
• We provide a flexible environment with a generous vacation policy that encourages a minimum of four weeks PTO per year plus 13 paid company holidays.

Are you excited about this role but not sure if your experience aligns with every qualification in the job description? That’s okay. We know multiple perspectives are essential for a thriving organization and we'd still love to hear from you! 

Posit is committed to being a diverse and inclusive workplace. We encourage applicants of different backgrounds, cultures, genders, experiences, abilities, and perspectives to apply. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sexual orientation, gender, gender identity, age, physical disability, or length of time spent unemployed.

Posit Software, PBC participates in the federal E-Verify program, which confirms employment authorization of newly hired U.S. based employees. E-Verify is not used as a tool to pre-screen candidates and is only initiated upon hire.

E-Verify Participation Notice (English/Spanish)

Right to Work Notice (English/Spanish)

#LI-REMOTE