Senior Cloud Security Engineer

TP-Link SystemsIrvine, CA
Onsite

About The Position

The Senior Cloud Security Engineer strengthens the security of our cloud environments through hands-on engineering: identifying and remediating risk, improving visibility, and automating security operations. This role turns security data into actionable insight and measurable risk reduction — finding what's exposed, prioritizing what matters, and driving fixes to closure. You'll partner closely with cloud operations, SRE, DevOps, and engineering teams across a globally distributed organization, and communicate cloud security posture clearly to both technical and non-technical stakeholders. This is a deeply hands-on technical role for an engineer who builds rather than just operates. You'll design controls, write automation, develop the dashboards and workflows that make security visible and repeatable, and apply modern AI tooling as a core part of how the work gets done. The right candidate combines strong cloud security fundamentals with the curiosity to keep pace with an evolving threat and technology landscape — and the judgment to know which risks actually matter.

Requirements

  • 3–5+ years of hands-on cloud security, infrastructure security, or security engineering experience.
  • Cloud security certification: AWS Certified Security – Specialty or Microsoft Certified: Azure Security Engineer Associate (AZ-500).
  • Deep working fluency in AWS security — IAM, VPC networking, logging and detection, encryption/KMS, secure configuration at scale.
  • Hands-on experience securing production Azure environments, including Entra ID and core Azure security services.
  • Experience securing Kubernetes workloads and containerized environments.
  • Significant experience with an enterprise CSPM/CNAPP platform such as Orca, Wiz, Prisma Cloud, or Microsoft Defender for Cloud.
  • AI-native security engineering: proven, hands-on use of agentic AI and LLM tooling as a primary engineering method — workflows built, automations shipped, and a working grasp of where these systems fail. Consumer chatbot familiarity does not meet this bar.
  • Working knowledge of frameworks such as ISO 27001, ISO/IEC 42001, SOC 2, NIST CSF, CIS Benchmarks, or GDPR.
  • Experience leading and executing enterprise security incident response activities
  • Bachelor's degree in a technical field.

Nice To Haves

  • AWS Certified Solutions Architect – Associate and/or Azure architecture certification (AZ-104 or AZ-305).
  • Experience securing hybrid, private cloud, or on-premises infrastructure.
  • Proficiency with KQL, SQL, Python, Grafana, or Power BI for security analytics.
  • Infrastructure as code and CI/CD pipeline security.
  • Experience collaborating with globally distributed engineering and operations teams.
  • Mandarin/English bilingual proficiency.

Responsibilities

  • Design, implement, and harden security controls across AWS, Azure, and hybrid infrastructure.
  • Identify vulnerabilities, misconfigurations, identity risks, and exposed services; prioritize by real-world impact and drive remediation to closure with infrastructure owners.
  • Develop dashboards, metrics, and reporting that communicate cloud security posture and remediation progress clearly to technical and executive audiences.
  • Apply automation and AI-assisted workflows to investigations, reporting, and day-to-day security operations.
  • Conduct secure architecture reviews for cloud services, infrastructure patterns, and deployment pipelines.
  • Maintain and improve security standards, runbooks, and guardrails; contribute to incident response and audit readiness.

Benefits

  • Fully paid medical, dental, and vision insurance (partial premium coverage for dependents)
  • Employer quarterly contributions to 401k funds
  • 15 days accrued vacation
  • 11 paid holidays
  • Bi-annual reviews, and annual pay increases
  • Health and wellness benefits, including free gym membership
  • Quarterly team-building event
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service