Senior Cloud Security Engineer

About The Position

Requirements

• 8 or more years of experience in a technical cybersecurity engineering role
• Minimum 4 years of hands-on experience focused on large-scale cloud or hybrid multi-cloud environments
• Demonstrated experience managing environments with 10,000 or more workloads and high-availability requirements
• Expert-level proficiency in security architecture across AWS, Azure, and Google Cloud
• Hands-on experience with Infrastructure as Code tools such as Terraform, Ansible, or CloudFormation
• Demonstrated portfolio of projects in which AI or machine learning was directly applied to solve security or operational scaling problems
• Experience with CI/CD and GitOps workflows treating security configurations as deployable, testable code
• B.S. or M.S. in Computer Science, Information Security, or a closely related technical field
• U.S. Citizenship or Permanent Residency required
• All work must be performed within the continental United States

Nice To Haves

• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• AWS Certified Security — Specialty certification
• Google Professional Cloud Security Engineer certification
• Prior experience supporting federal agency programs or working in a federal contracting environment
• Familiarity with OWASP Top 10 for LLMs and hands-on experience implementing AI gateway or AI firewall solutions
• Experience integrating fraud detection signals across identity platforms and SIEM or big data analytics environments
• Familiarity with PCI DSS, SOC 2, and continuous programmatic compliance monitoring in large-scale commercial or retail environments

Responsibilities

• Design and implement automated compliance assessments to enforce hardening standards such as CIS and NIST across cloud accounts and on-premises virtualized environments
• Architect and maintain data-at-rest and data-in-transit encryption strategies spanning physical data center servers and cloud-native storage
• Develop and secure an enterprise Identity Fabric supporting 600,000+ employees and millions of commercial customers, integrating fraud detection signals from SIEM and big data analytics platforms
• Build and manage secure hybrid connectivity solutions including Transit Gateways and Service Mesh between on-premises hypervisors and multi-cloud environments, enforcing consistent policy across all tenants
• Partner with the SOC to develop high-fidelity detection logic and build SOAR playbooks that automate the isolation of compromised cloud workloads and on-premises virtual machines
• Support ongoing Purple Team exercises and control testing to validate the performance of security tools including EDR, WAF, and DLP across all environments
• Establish security guardrails for enterprise and customer-facing AI models, including protections for Databricks training pipelines against data poisoning and mitigations for LLM-specific threats such as prompt injection and sensitive data leakage
• Drive the transition from manual security operations to autonomous, ML-triggered auto-remediation across hybrid environments using advanced SOAR playbook development
• Discover and catalog Shadow AI usage across the enterprise, ensuring all third-party AI tools meet privacy and security standards
• Partner with business units to integrate security controls invisibly into logistics and retail workflows, enabling continuous and programmatic compliance with PCI, SOC 2, and related frameworks
• Build API-driven automation to connect disparate security and business applications, reducing manual friction and enabling self-healing security operations
• Communicate AI-driven security decisions and false positive handling clearly to non-technical stakeholders and program leadership

Benefits

• Comprehensive health, dental, and vision coverage for employees and eligible dependents
• Generous PTO accrual plus all 11 federally recognized holidays
• Competitive employer match to support your long-term financial goals