Staff AWS Cloud Security Engineer
About The Position
Zoox Cybersecurity is seeking a AWS Cloud Security Engineer to lead the design and implementation of secure, scalable, and software-defined infrastructure in our AWS cloud environment. This role is responsible for establishing best-in-class security practices across AWS, driving automation-first infrastructure security, and partnering with engineering and platform teams to embed security into every layer of our technology stack. Youâll act as a security champion, ensuring that infrastructure designs meet the highest standards of confidentiality, integrity, and availability. While maintaining operational efficiency and scalability through Infrastructure as Code (IaC). This role requires a strategic thinker with deep technical expertise in cloud security architecture, network security principles, and cloud-native vulnerability management. The ideal candidate will blend hands-on technical skills with leadership capabilities to guide both security initiatives and team development.
Requirements
- 10+ years of Security Engineering experience supporting production and/or DevOps environments, both Cloud and On-premises, along with proficiency with security automation using Python/Go and/or Terraform
- Experience implementing, administering, and supporting Cloud platform system/network vulnerability scanning tool(s), and development of microservice-based architectures
- Deep understanding of NIST CSF, MITRE ATT&CK Cloud Matrix, and CIS AWS Benchmarks
- Strong understanding of vulnerability scoring frameworks and business risk decision making
- Experience with: hybrid enterprise environments (cloud plus on-premises data centers); DevOps tools, artifact repositories, and Infra-as-code technology; dashboard technologies.
- Expert-level AWS security implementation experience
Nice To Haves
- AWS Certifications / AWS Certified Security - Specialty
- XSOAR (preferably Palo Alto Networks) and general automation development experience Experience with shell scripting, API usage and integration in Linux and Windows
- Palo Alto Networks Certified Security Engineer
Responsibilities
- Cloud Security Engineering and Architecture
- Design and implement enterprise-grade AWS security architectures using zero-trust principles
- Develop organization-wide security standards for IAM, VPC configurations, and data protection mechanisms
- Architect multi-account AWS environments with Security Hub, GuardDuty, and AWS Config integrations
- Lead Cloud Security Posture Management (CSPM) initiatives using Infrastructure-as-Code (Terraform/CloudFormation)
- Network Security
- Design and support secure network architectures using AWS constructs (TGW, GWLB, Firewalls)
- Implement layered defenses with WAF, Firewalls, Security Groups, and Network ACLs
- Optimize security controls for hybrid cloud environments and SD-WAN integrations
- Cloud Vulnerability Management
- Establish risk-based vulnerability prioritization frameworks for cloud assets
- Develop automated remediation pipelines using CI/CD tools and OPA policies
- Conduct attack surface analysis through cloud-specific threat modeling
- Leadership Expectations
- Mentor a team of 2 or more Cloud Security Analysts
- Lead cross-functional collaboration with SRE, ProdSec, IT, and Software Engineering teams
- Develop security training programs and cloud security certification paths
- Oversee vendor relationships for cloud security tooling and services
- Proven experience developing security analysts through mentorship
- Strong background in creating security policy frameworks and technical documentation
Benefits
- paid time off (e.g. sick leave, vacation, bereavement)
- unpaid time off
- Zoox Stock Appreciation Rights
- Amazon RSUs
- health insurance
- long-term care insurance
- long-term and short-term disability insurance
- life insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
501-1,000 employees
