Senior Cloud Software Engineer - Infra Security

About The Position

Requirements

• Bachelor’s degree or above in Computer Science, Software Engineering, Information Security, or a related field.
• 5+ years of experience in infrastructure security, platform security, system security, or related areas.
• Hands-on experience with AWS is required, with solid practical knowledge of cloud infrastructure security design and governance.
• Strong software engineering and development capabilities, with the ability to independently design and build platform features and perform secondary development and enhancement on existing security or infrastructure platforms.
• Deep understanding of Linux systems, including host security, permissions, processes, file systems, and networking fundamentals.
• Strong understanding of security operations principles and engineering practices, including but not limited to least privilege, access control, firewall policies, and network boundary isolation.
• Good understanding of common security attack techniques and risk scenarios, such as privilege escalation, vulnerability exploitation, lateral movement, malicious traffic, and misconfiguration risks, with the ability to analyze and mitigate them.
• Strong problem-solving skills, with the ability to drive security governance and platform improvements from both engineering and platform perspectives.
• Strong communication and cross-functional collaboration skills.

Nice To Haves

• Experience with other public cloud platforms such as Azure or GCP.
• Experience in cloud-native security, host security, container security, or automated security operations platform development.
• Proficiency in Chinese in addition to English.

Responsibilities

• Design and implement a security governance framework for the cloud-native infrastructure platform, continuously improving the overall security posture and governance maturity of the platform.
• Build platformized security capabilities, including the evaluation, integration, and adoption of security components, as well as secondary development and capability enhancement based on business and platform needs.
• Design and develop automated security auditing platforms to enable automated security checks, risk detection, compliance validation, and remediation workflows.
• Build security threat detection and alerting capabilities to improve identification, warning, and response for abnormal behaviors, potential attacks, and security risks.
• Participate deeply in the security design of cloud-native platforms and infrastructure systems, and drive capabilities such as access control, network isolation, host hardening, and system-level security governance.
• Define and continuously optimize security policies, standards, and enforcement mechanisms based on security operation principles such as least privilege and firewall policy management.
• Collaborate closely with infrastructure, architecture, engineering, and operations teams to embed security capabilities into the platform lifecycle and improve the default security baseline and operational readiness of the platform.
• Stay up to date with common attack techniques, security risks, and defense best practices, and continuously evolve the company’s infrastructure security governance and platform capabilities.

Benefits

• Free snacks and drinks
• Fully paid medical, dental, and vision insurance (partial coverage for dependents)
• Contributions to 401k funds
• Bi-annual reviews, and annual pay increases
• Health and wellness benefits, including free gym membership
• Quarterly team-building events