Staff Cloud Security Engineer

NinjaTraderChicago, IL
$145,000 - $195,000Hybrid

About The Position

NinjaTrader is seeking a Staff Cloud Security Engineer to be the most senior individual contributor responsible for the security of their cloud platform. This role involves setting technical direction for securing workloads on Google Cloud Platform (GCP), designing edge and perimeter defenses using Cloudflare and Google Cloud Armor, and building security guardrails for engineering teams. It is a hands-on, high-impact role where the individual will establish engineering standards, influence architecture decisions, and act as the senior technical authority during security reviews and incidents, without managing people.

Requirements

  • 8+ years of experience in security engineering, including at least 5 years focused on cloud security in production environments.
  • Deep hands-on expertise securing Google Cloud Platform environments, including IAM, networking, VPC Service Controls, Security Command Center, KMS, and Organization Policy.
  • Demonstrated production experience with Cloudflare, including WAF, DDoS Protection, Zero Trust/Access, Bot Management, and Google Cloud Armor.
  • Strong Infrastructure-as-Code experience using Terraform and securing CI/CD pipelines.
  • Proficiency in at least one programming or scripting language such as Python or Go for automation and tooling.
  • Experience securing workloads within regulated industries and familiarity with frameworks such as PCI DSS, SOC 2, ISO, SOX, or similar.
  • Demonstrated technical leadership and the ability to influence engineering teams without direct authority.

Nice To Haves

  • Google Professional Cloud Security Engineer, CISSP, GCP Professional Cloud Architect, or similar certifications.
  • Experience securing GKE/Kubernetes environments and container or software supply chain security.
  • Multi-cloud experience across AWS and Azure.
  • Experience building detection engineering or threat hunting programs.
  • Previous experience in fintech, payments, trading, or other highly regulated financial environments.

Responsibilities

  • Own the cloud security architecture across GCP environments, including IAM, least privilege design, VPC Service Controls, Organization Policy, Shared VPC, Workload Identity, KMS/encryption, and Security Command Center.
  • Design, deploy, and tune edge and application-layer defenses using Cloudflare (WAF, DDoS Protection, Zero Trust/Access, Bot Management, Rate Limiting) and Google Cloud Armor (Security Policies, Adaptive Protection, Rate Limiting, and Global Load Balancer integration).
  • Lead threat modeling and security architecture reviews for new services and major platform changes, balancing business velocity with security risk.
  • Build security guardrails as code through policy-as-code, secure Terraform modules, and CI/CD security controls.
  • Advance cloud detection and response capabilities by partnering with SOC and Incident Response teams on logging pipelines, Chronicle/SIEM detections, and cloud-native alerting.
  • Serve as a senior technical responder during security incidents, including investigation, containment, remediation, and post-incident hardening.
  • Partner with GRC and Compliance teams to translate regulatory requirements (ISO, SOC 2, SOX, etc.) into scalable technical controls and evidence.
  • Mentor senior and mid-level engineers and raise the overall security maturity of the engineering organization.
  • Represent Cloud Security during cross-functional planning, architecture reviews, and strategic initiatives.

Benefits

  • Annual target bonus of 12%
  • 401K plan through ADP with company match up to 3.5%
  • 23 days of annual paid time off
  • Seven paid holidays
  • Generous PTO
  • 7 Paid Holidays Annually + 5 Conditional Holidays Annually
  • 1 Service Day Annually
  • 401k with 3.5% Company Match
  • Paid Parental Bonding Leave
  • Health, Vision, Dental Coverage
  • Life and Disability Insurance Covered 100% by NinjaTrader
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service