Staff Software Engineer, Security Engineering

About The Position

Requirements

• 8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security.
• Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures.
• Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows.
• Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems.
• Experience working with security platforms for analyzing cloud permissions and a background or interest in applying AI to streamline security tasks and governance.
• Exceptional communication skills with a track record of aligning multiple teams toward shared security goals.
• A Bachelor's degree in Computer Science, Information Security, Systems Engineering, or a related field.
• The ability to access federal environments and/or have access to protected federal data.
• The successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire.

Nice To Haves

• Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment.
• Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript.
• Experience creating, managing, and securing containerized environments.
• Experience with service mesh (Istio) security policies and zero-trust networking.

Responsibilities

• Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction.
• Architect templates and permission boundaries that govern how services and humans interact with our cloud environment with the principle of least privilege in mind.
• Define the security standards for VPC architecture, edge networking, and cross-account connectivity.
• Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase.
• Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams.
• Raise the bar for the entire organization by mentoring junior engineers and influencing senior leadership on critical security decisions.

Benefits

• equity (where applicable)
• bonus
• health, dental and vision insurance
• 401(k)
• flexible spending account
• paid leave (including PTO and parental leave)