Cloud Security Lead

About The Position

Requirements

• 7+ years of experience in cloud security, cloud engineering, or infrastructure security
• Deep expertise in AWS architecture and services
• Strong understanding of IAM design and least-privilege principles
• Experience with Infrastructure as Code and CI/CD integration
• Experience implementing cloud-native detection and monitoring
• Ability to translate infrastructure risk into business impact

Nice To Haves

• Experience in mid-market or high-growth SaaS environments
• Experience supporting SOC 2 or similar audits
• Familiarity with policy-as-code frameworks
• Experience building multi-account AWS environments
• Relevant certifications such as AWS Security Specialty, CISSP, or equivalent

Responsibilities

• Cloud Security Architecture
• Design and implement secure cloud architecture patterns
• Establish guardrails for AWS accounts and services
• Strengthen multi-account strategy and segmentation
• Improve IAM design, permission boundaries, and least-privilege models
• Review major infrastructure changes for security impact
• Cloud Detection and Visibility
• Implement and tune cloud-native detection capabilities
• Integrate AWS security services into centralized monitoring
• Identify misconfigurations and excessive permissions
• Improve signal-to-noise ratio in cloud alerts
• Infrastructure as Code Security
• Embed security controls into Terraform or other IaC workflows
• Enforce policy-as-code guardrails
• Ensure IaC scanning is integrated into CI/CD pipelines
• Reduce configuration drift across environments
• Vulnerability and Configuration Management
• Oversee cloud misconfiguration detection and remediation
• Track infrastructure vulnerability exposure
• Reduce critical vulnerability exposure window
• Partner with Platform teams to automate remediation
• Data Protection and Encryption
• Ensure proper encryption standards across storage and databases
• Manage KMS usage and key lifecycle best practices
• Strengthen logging and monitoring coverage
• Incident Response Support
• Lead cloud-focused investigations during security incidents
• Improve forensic readiness in AWS
• Harden logging and evidence retention practices
• Automation and Continuous Improvement
• Automate guardrails and enforcement mechanisms
• Improve developer experience with secure cloud defaults
• Reduce manual cloud security reviews
• Optimizing tooling cost and effectiveness
• Metrics and Reporting
• Define KPIs for cloud security posture
• Report on misconfiguration trends and exposure windows
• Provide executive-level reporting on infrastructure risk
• Support audit and compliance evidence collection

Benefits

• $130,000 to $150,000 base salary + bonus opportunity
• Great Healthcare + Dental + Vision
• Flexible PTO
• Culture of support, encouraging Life-Work balance
• 401k match
• FSA and HSA options
• Employee Assistance Program
• Paid Parental Leave
• Representing a company with 4,000+ clients and a 99% retention rate
• Accelerated title and salary growth potential
• A fun and energetic work environment that makes you excited to go to work every day