Staff Cloud Security Engineer

About The Position

Requirements

• Flexible Security Mindset: Approach security as a business enabler, balancing security, usability, and agility. Employ a measured, risk-based approach to solving security risks and challenges.
• SaaS Background: Experience working within a fast-paced SaaS company and understanding the unique security challenges of a cloud-first environment.
• Value Documentation: Recognize documentation as a critical tool for showing impact and value. Detail security recommendations, process improvements, architectural decisions, and innovative ideas.
• A Security-as-Code / Infrastructure-as-Code Mindset: Comfort with IaC tools such as Terraform / Spacelift, and other engineering tools such as CircleCI and Git. Comfortable reading cloud configurations and understanding architecture from the code up.
• Proficiency with Scripting: Comfortable with a scripting language (Python or Go, or something else) to parse data or comb through logs efficiently.
• Team Player: Effective collaborator and communicator both cross-functionally and functionally.
• Deep Cloud Expertise: Extensive knowledge of AWS and/or Azure and other cloud platforms, with demonstrated expertise in designing secure cloud, application, and system architectures. Intimately familiar with cloud-native security tooling, logging, identity management, and security policy.
• Incident Response Knowledge: Working knowledge of incident response processes and strategies. Familiarity with computer forensic tools and methods. Familiarity with a query language (jQL, SQL, Splunk, etc.) and comfortable combing through datasets during an incident.
• Remote-First Collaboration: Excellent communicator, capable of thriving and driving initiatives in a distributed, asynchronous work environment.

Responsibilities

• Product Security: Drive effective security detection and response across our production platform. A requirement for this role is having worked at a B2B SaaS company that provides cloud-hosted services to customers. Interact with developers who work in SaaS production environments.
• Secure Cloud Architecture: Design, evaluate, and implement architectural security standards for AWS, Azure, and PaaS cloud platforms. Be a key stakeholder when onboarding new technologies or modifying existing ones.
• DevSecOps Collaboration: Partner with internal DevOps and Platform teams to build security into every stage of the infrastructure-as-code lifecycle. Engage via PRs and review IaC/HCL/DSL configurations.
• Threat Modeling: Review architecture and product development pitches, leveraging security knowledge to ensure security and privacy by design.
• Platform Vulnerability and Risk Management: Manage a vulnerability management program tailored to cloud environments. Triage high-severity alerts and coordinate with internal teams for mitigations or remediations.
• Threat Detection & Response: Develop strategies to respond to and recover from security incidents affecting the Huntress platform. Implement tools, including runtime and build-level controls, for threat detection and prevention.
• Own Security Compliance: Own cloud security controls end-to-end, including the design, monitoring, and remediation of control failures.

Benefits

• 100% remote work environment
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth