Cloud Security Engineer, Security Operations

Security Operations (SecOps) secures the platform that manages our customers’ most sensitive data, and the role of a Security Engineer puts you at the forefront of that stewardship. This is a hands-on role securing multiple cloud providers (AWS, Azure) by leveraging native, custom, and 3rd party tooling. We use a confluence of technology to weave a security fabric around our cloud properties and underlying platform tech stack (EKS, Databricks, Snowflake, Lambda, API Gateway, GitLab). We are looking for an open, enthusiastic, empathetic, security professional who wants to build real security solutions to reduce or eliminate the possibility of human error.  

Help scale our team to meet the needs as we grow and deliver new products, services, and opportunities to our customers! 

As a Cloud Security Engineer, you’ll help us with: 

• Day to day operation of the security infrastructure supporting the company platform and information systems in both AWS and Azure 
  

• Enabling engineering teams through security reviews and audits to ensure security is at the heart of all features or solutions being built into our platform 
  

• Triaging or investigating security alerts 
  

• Resolving escalated access management requests and building least-privilege roles 
  

• Building access packages for employees and automating provisioning 
  

• Improving and tuning Splunk dashboards, alerts, and reports 
  

• Evaluating cloud security postures of accounts, subscriptions, and infrastructure in AWS and Azure 
  

• Runtime security tool monitoring, application/component integration, and alert tuning 
  

• Vulnerability management artifact curation and remediation (OS, code/library/dependency) 
  

• SAST result triage including remediation through DevOps practices or alongside developers and engineers 
  

Candidate must have: 

• A concrete understanding of application security, cloud security, network security, and host/OS security 
  

• Hands-on experience securing enterprise workloads in AWS or Azure, ideally for a multitenant SaaS platform 
  

• Familiarity with modern authentication protocols (SAML2, OAUTH, OIDC, mTLS) 
  

• Familiarity with basic programming concepts and ability to demonstrate capabilities in at least 1 language (ideally Python) 
  

• Unix systems administration experience 
  

Bonus Points: 

• Current cloud security certification(s) 
  

• Current cloud architecture or DevOps certification(s) 
  

• Experience securing serverless and containerized workloads 
  

• Experience deploying and supporting assets with Infrastructure as Code (IaC) methodologies (Terraform, CloudFormation, Azure Resource Manager Templates) 
  

• Programming/developer background or experience driving security to developers and integrating security tools into CI/CD pipelines. 
  

• Familiarity with securing PHI/PII or PCI data and systems. 
  

• Experience operating in a controlled environment (HITRUST, FedRamp, PCI). 
  

• Jira administration/service project workflow administration 
  

• Red-team experience 
  

• CCDC experience 
  

• CTF experience 
  

• Incident response or SOC experience 
  

• Knowledge of DevOps methodologies and Agile practices