Manager, Cloud Security

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us.

The Team:

Within our InfoSec organization, Our global security engineering team is responsible for designing, building, and enhancing the underlying security components that help with securing the Celonis Application and Platforms stacks. We think about both offensively and defensively. We continuously monitor our global security posture and are always adapting to the ever-changing threat landscape. The security engineering team is looking for talented subject matter experts in application, platform and offensive security.

The Role:

Provide strategic leadership and hands-on expertise to secure Celonis’ multi-cloud infrastructure (AWS, Azure, GCP). This Manager of Cloud Security will drive the cloud security strategy, ensuring robust protection of our SaaS platform. You will lead a team of security engineers, setting best practices and fostering a culture of security excellence. The role balances high-level strategy with deep technical involvement in day-to-day cloud security operations.

The work you’ll do:

• Leadership & Strategy: Lead, mentor, and develop a team of cloud security engineers. Implement the cloud security roadmap and ensure alignment with Celonis’ business goals and risk posture.
• Cloud Security Controls: Design and implement security controls across AWS, Azure, and GCP environments. Continuously enhance our cloud security posture management (CSPM) program to identify and remediate risks in configurations and policies.
• Container & Kubernetes Security: Oversee security for containerized applications and Kubernetes clusters (EKS, AKS, GKE). Establish best practices for container image security, pod security policies, and cluster network segmentation to protect our microservices.
• Tools Integration: Integrate and manage advanced security tools into our infrastructure. This includes solutions like Teleport for secure access management and Tenable for vulnerability scanning and management. Ensure these tools are effectively used to protect cloud endpoints, and refine their configurations to fit Celonis’ environment.
• Cross-Team Collaboration: Work closely with security automation, enterprise security, and engineering teams to embed security into CI/CD pipelines and infrastructure provisioning. Champion a secure guardrails approach—automating security checks and educating teams to build secure systems from the ground up.
• Incident Response & Compliance: Collaborate with Security Operations to respond to cloud security incidents, performing root-cause analysis and implementing preventive measures. Ensure cloud architectures meet and industry benchmarks and participate in audits as needed.

The qualifications you need:

• Extensive Cloud Security Experience: Over 7 years of hands-on experience in information security, specializing in securing cloud infrastructure across AWS, Azure, and GCP. Demonstrated managerial experience (3-5 years) leading security teams, driving the implementation of best practices, and securing cloud services in production environments. Proven ability to manage complex security projects, mentor team members, and deliver scalable security solutions across multi-cloud platforms.
• Technical Expertise: Deep expertise in identity and access management (IAM), network security (VPCs, security groups, firewalls), and container security, including hands-on experience with Container Network Interfaces (CNI) such as Cilium. Extensive practical experience securing Kubernetes orchestrations and container ecosystems. Proficient with infrastructure-as-code tools (Terraform, CloudFormation) and automation/scripting (Python, Bash) to enforce scalable, automated security measures. Experienced in offensive cloud security assessments using tools such as ScoutSuite, Prowler, CloudSploit, Pacu, and similar cloud security auditing utilities, with the ability to proactively identify and remediate vulnerabilities.
• Leadership Skills: Demonstrated ability to lead and mentor security teams or projects. Strong project management and communication skills to articulate risks and influence technical and non-technical stakeholders.
• Security Best Practices: Up-to-date understanding of modern cloud security practices and frameworks (zero-trust networking, principle of least privilege, threat modeling for cloud). Experience implementing monitoring and alerting for cloud environments (CloudTrail, Azure Monitor, GCP Cloud Logging) and interpreting the results to improve security.
• Education & Certifications: Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field is beneficial. Relevant certifications (CISSP, CISM, cloud security certs) are nice-to-have but not required – we value practical expertise and achievements more.

Preferred Qualifications:

• SaaS Environment Experience: Experience working in a high-growth SaaS company or similar cloud-driven environment. Understanding the security challenges of a multi-tenant cloud service and how to address them.
• Security Automation: Passion for automation and using code to solve security problems. Experience building security guardrails or self-service tools that enable developers to deploy securely (DevSecOps mindset).
• Tool Familiarity: Hands-on experience with tools such as Teleport (for secure access and identity management in infrastructure) and Tenable/Nessus (for vulnerability management) is highly desirable. Familiarity with other cloud security platforms or services (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center) is a plus.
• Continuous Improvement: Demonstrated habit of staying current with emerging cloud security trends and threats. Participation in security communities or contributions to open-source security projects show a plus.

 

The base salary range below is for the role in the specified location, based on a Full Time Schedule.

Total compensation package will include base salary + bonus/commission + equity + benefits (health, dental, life, 401k, and paid time off). Please note that the base salary range is a guideline, and that the actual total compensation offer will be determined based on various factors, including, but not limited to, applicant's qualifications, skills, experiences, and location.The base salary range below is for the role in New York, based on a Full Time Schedule. $169,650—$249,690 USD

What Celonis Can Offer You:

• The unique opportunity to work with industry-leading process mining technology
• Investment in your personal growth and skill development (clear career paths, internal mobility opportunities, L&D platform, mentorships, and more)
• Great compensation and benefits packages (equity (restricted stock units), life insurance, time off, generous leave for new parents from day one, and more). For intern and working student benefits, click here.
• Physical and mental well-being support (subsidized gym membership, access to counseling, virtual events on well-being topics, and more)
• A global and growing team of Celonauts from diverse backgrounds to learn from and work with
• An open-minded culture with innovative, autonomous teams
• Business Resource Groups to help you feel connected, valued and seen (Black@Celonis, Women@Celonis, Parents@Celonis, Pride@Celonis, Resilience@Celonis, and more)
• A clear set of company values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future

 

About Us:

Celonis helps some of the world’s largest and most esteemed brands make processes work for people, companies and the planet. With over 5,000 enterprise customer deployments across nearly every industry, the Celonis Process Intelligence Platform uses process mining and AI to give you a living digital twin of your business operation. It’s system-agnostic and without bias, and empowers companies to reduce waste, create value and benefit people across the top, bottom, and green lines. Since 2011, the Celonis platform has enabled its customers to identify more than $18 billion in value. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.

Get familiar with the Celonis Process Intelligence Platform by watching this video.

 

Data Privacy, Equal Opportunity, and Accessibility Information

Celonis is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment and equal opportunity in all aspects of employment. We will not tolerate any unlawful discrimination or harassment of any kind. We make all employment decisions without regard to race/ethnicity, color, sex, pregnancy, age, sexual orientation, gender identity or expression, transgender status, national origin, citizenship status, religion, physical or mental disability, veteran status, or any other factor protected by applicable anti-discrimination laws. As a US federal contractor, we are committed to the principles of affirmative action in accordance with applicable laws and regulations. Different makes us better. 

Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’  Statements on Data Privacy, Equal Opportunity and Accessibility.

Please be aware of common job offer scams, impersonators and frauds. Learn more here.

By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.