Engineer Cloud Security

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Proven experience designing, implementing, and managing network infrastructure, particularly in innovation lab or cloud development environments.
• Extensive knowledge of security controls, protocols, and best practices across on-premises and cloud environments.
• Strong expertise in AWS and Azure, including architecture, security, and automation capabilities.
• Hands-on experience with IaC tools with a focus on Terraform.
• Proficiency in Python.
• Experience building, tuning, and operating detections using cloud-native tools (GuardDuty, Security Hub) and SIEM platforms (Splunk).
• Ability to investigate cloud logs (CloudTrail, VPC Flow Logs, audit logs).
• Strong understanding of least privilege IAM design, role-based access, service accounts, and federated identity.
• Strong problem-solving, communication, and teamwork skills, with the ability to collaborate with technical and non-technical stakeholders across Cloud Platform, DevOps, SRE, and Engineering teams.

Nice To Haves

• Relevant certifications such as CISSP, AWS Certified Security, or similar credentials.
• 3+ years managing security controls, including defining security policies and guardrails (preferred).
• 4+ years of technical experience working with security solutions and conducting security operations (preferred).
• 4+ years of cloud network security experience, including reviewing tools and making recommendations on utilization and strategy (preferred).
• 4+ years of experience with network protocols, data flows, and attacks within an IP environment (preferred).
• 3+ years building configurations for security devices and building automated processes to support large-scale deployment (preferred).
• Extensive experience with security software, firewalls, intrusion detection systems, and network monitoring (preferred).
• Extensive hands-on technical knowledge of network systems, protocols, and standards such as TCP/IP (preferred).
• 2+ years performing network and application security administration and threat assessments; CISSP or GIAC certification(s) (preferred).
• 2+ years programming or scripting experience in one or more of Java, Perl, PHP, Python, or shell (preferred).

Responsibilities

• Implement and manage secure cloud network infrastructure to support performance, security, scalability, and reliability.
• Partner with development teams to integrate security measures and best practices into the development lifecycle.
• Architect secure and resilient AWS and Azure environments aligned with industry standards and compliance requirements.
• Design and implement security controls and policies to reduce unauthorized access, data breaches, and related risks.
• Collaborate with cross-functional teams to support timely resolution of security incidents and security-related issues.
• Create and maintain Terraform scripts to provision and manage infrastructure resources using Infrastructure-as-Code (IaC).
• Stay current on security best practices, network technologies, and cloud services, and apply improvements to the environment.
• Train and guide junior team members on security practices and technologies.

Benefits

• Medical, dental, vision and life insurance
• Retirement savings – 401(k) plan with generous company matching contributions (up to 6%), financial advisory services, potential company discretionary contribution, and a broad investment lineup
• Tuition reimbursement up to $5,250/year
• Business-casual environment that includes the option to wear jeans
• Generous paid time off upon hire – including a paid time off program plus ten paid company holidays and three floating holidays each calendar year
• Paid volunteer time — 16 hours per calendar year
• Leave of absence programs – including paid parental leave, paid short- and long-term disability, and Family and Medical Leave (FMLA)
• Business Resource Groups (BRGs) – BRGs facilitate inclusion and collaboration across our business internally and throughout the communities where we live, work and play. BRGs are open to all.