Senior Cloud Application Security Engineer

About The Position

Requirements

• Strong experience in cloud security, preferably AWS, with hands-on implementation of security controls and guardrails
• Experience securing containerized environments and Kubernetes platforms (RBAC, network policies, workload security), including designing and implementing controls in production environments
• Strong experience implementing security controls within CI/CD pipelines and influencing developer workflows
• Experience with vulnerability management across application and infrastructure layers, including prioritization and remediation workflows
• Hands-on experience with AWS security services such as SecurityHub, GuardDuty, IAM, Config, Control Tower, CloudWatch, and related tooling
• Strong DevSecOps experience with a cloud provider, ideally AWS
• Strong scripting and automation experience (Python, Terraform, or similar), with a focus on reducing manual operational work
• Experience with monitoring and logging platforms (e.g., Sumo Logic or equivalent)
• Knowledge of security frameworks and standards (e.g., OWASP Top 10, ISO 27001, SOC 2)
• Strong technical background in Linux and cloud-based systems
• Ability to operate independently and prioritize effectively in a dynamic environment
• Strong problem-solving and critical thinking skills, with a focus on practical, scalable solutions
• Excellent communication and collaboration skills across engineering and security teams
• 5+ years of experience in cloud, application, or platform security, with demonstrated depth in AWS and modern cloud-native environments
• Bachelor’s degree in computer science, engineering, or equivalent experience

Nice To Haves

• AWS certifications

Responsibilities

• Collaborate with DevOps, Engineering, and other stakeholders to design, implement, and operate cloud and application security capabilities across CI/CD pipelines and production environments
• Lead and support application security reviews and threat modeling, including code review, static, and dynamic testing
• Own and improve vulnerability management processes across application and infrastructure layers, including CI/CD-integrated workflows
• Establish and maintain AWS security guardrails, ensuring services are properly configured with effective monitoring, visibility, and alerting
• Design and implement Kubernetes and container security controls, including configuration standards, access controls, and runtime considerations
• Drive automation of security workflows to reduce manual effort and improve response times
• Support Infrastructure as Code (IaC) security practices, including Terraform-based deployments
• Monitor systems for irregular behavior, improve detection capabilities, and assist in incident response and investigation
• Track and report on the effectiveness of security controls and continuously improve security posture
• Research and evaluate emerging technologies and security trends to improve platform security and operational efficiency

Benefits

• Robust benefits package for full-time, permanent employees
• Health coverage
• Dental coverage
• Vision coverage
• Retirement plans with company match
• Paid time off
• Parental leave
• Annual education & training stipend (equivalent to $1,000 in local currency)
• Flexible Hybrid Working Environment
• Weekly lunches
• Quality coffee
• Regular social events
• Parent rooms (in many locations)
• On-site gyms (in many locations)
• Comfortable lounges (in many locations)
• Adaptable workstations (in many locations)
• Wellness workshops and events
• Complimentary Headspace subscription
• Employee Resource Groups