Cloud Product Security Engineer

About The Position

Requirements

• 3+ years of professional software or security engineering experience, with hands on ownership of production systems deployed in cloud environments.
• Strong proficiency in one or more modern programming languages (such as Python, Java, or JavaScript), and a proven ability to design, write, review, and maintain robust production grade code.
• Hands‑on experience engineering security controls within public cloud platforms (e.g., AWS and/or Azure), spanning infrastructure, platform services, or application‑level integrations
• Background building or integrating cloud security posture management (CSPM), data protection, or data loss prevention (DLP) capabilities as engineered solutions
• Understanding of cloud‑native architectures and services (e.g., identity, networking, storage, compute) and how security controls integrate into them
• Experience engineering preventative, detective, and responsive security capabilities, including detection logic, automation, or response workflows in cloud environments
• Familiarity integrating security controls and signals with SIEM or security monitoring platforms to support detection and incident response
• Practical application of modern engineering practices such as infrastructure as code, automated testing, CI/CD, and operational feedback loops

Nice To Haves

• Working knowledge of cloud service provider security services and patterns (e.g., identity, networking, encryption, logging) and their use in real‑world cloud architectures
• Practical exposure to advanced CSPM techniques, including policy‑as‑code, drift detection, and automated remediation
• Experience with data classification, data handling, or data protection strategies that support DLP in cloud‑hosted systems
• Familiarity with security telemetry, logging pipelines, and SIEM platforms used for detection, investigation, and incident response
• Hands‑on involvement in incident response or post‑incident analysis from an engineering perspective (e.g., improving detections, controls, or recovery mechanisms)
• Exposure to infrastructure‑as‑code and cloud automation tooling used to deploy, configure, and secure cloud resources at scale
• Understanding of secure design principles for cloud‑native and distributed systems, including identity‑centric and least‑privilege approaches
• Demonstrated interest in continuously improving cloud security controls through learning, experimentation, and collaboration

Responsibilities

• Design, build, and operate cloud‑native security controls as software products across cloud infrastructure, data platforms, and application services
• Engineer and maintain cloud security posture management (CSPM) and data loss prevention (DLP) capabilities to continuously detect, assess, and reduce risk in cloud environments
• Build preventative, detective, and responsive security controls that integrate directly into cloud platforms, CI/CD pipelines, and shared enterprise services
• Integrate cloud security controls with SIEM and security tooling to generate high‑quality signals for detection, investigation, and incident response
• Support incident handling and response by engineering detection logic, automation, and response mechanisms that improve containment and recovery
• Apply modern cloud and software engineering practices (e.g., infrastructure as code, automated testing, CI/CD) to ensure security controls are reliable, scalable, and maintainable
• Collaborate with platform engineers, application teams, and Digital Product Managers to align cloud security controls with architectures and developer workflows

Benefits

• Compensation offered for this role ranges from $90,700 - 195,700 annually and is based on experience and qualifications.
• The candidate(s) offered this position will be required to submit to a background investigation.