Cloud Security Engineer

About The Position

Requirements

• Degree in Information Systems, Information Security, or a related field, or equivalent practical experience in cloud security or engineering
• Experience designing and implementing secure cloud solutions in at least one hyper-scale cloud provider, with an ability and operate across multi-cloud environments
• Experience automating and scaling security solutions using Infrastructure as Code (Terraform), scripting languages (Python preferred), and CI/CD pipelines (GitLab or similar), including integrating with APIs
• Experience with core cloud security principles, including identity and access management (IAM), logging, and cloud-native security services, and the ability to apply them in real-world environments
• Experience assessing cloud environments for risks and misconfigurations, and translating findings into practical, scalable solutions rather than one-off fixes
• Self-motivated and resilient, with experience learning new technologies, adapting to changing environments, and driving work forward with minimal direction
• Experience collaborating across teams, providing guidance, and supporting others to achieve shared security outcomes

Nice To Haves

• Experience building event-driven automation or security data pipelines using cloud-native services
• Familiarity with multiple cloud platforms (Azure, GCP, OCI)
• Experience working with cloud security posture management tools (e.g., Wiz) and using security data to lead prioritization and remediation
• Experience supporting cloud incident response activities
• Relevant certifications (CISSP, CISA, CISM, or cloud provider certifications)
• Understanding of compliance frameworks such as SOC 2, PCI-DSS, NIST, or ISO 27001
• Experience improving IAM practices or integrating with APIs to build scalable security automation

Responsibilities

• Design, build, and deploy automated cloud security controls and guardrails using Terraform, Python, and cloud-native services across hyper-scale cloud providers.
• Identify security risks and misconfigurations in cloud environments, and translate findings into automated controls, guardrails, and guidance that improve security posture.
• Develop event-driven automation and data pipelines using tools like Wiz and cloud-native telemetry to detect, prioritize, and remediate security risks.
• Be a cloud security subject matter expert during incident response, supporting investigation, containment, and long-term improvements to detection and response capabilities.

Benefits

• In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses.
• Benefits vary by location but generally include private medical, life, and disability insurance.
• Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship.