Skip to content
BraintrustBraintrustNew York, NY

Cloud Security Engineer

Hands-on Cloud Security Engineer owning security architecture across AWS, Azure, and GCP, hardening Kubernetes and Terraform stacks, building detections, and leading incident response for multi-cloud infrastructure.

Salary not listed
On-site5+ YOESecurity Engineering

About the role

What you'll do

  • Own the security architecture for our internal AWS environment and the customer-deployed stacks running in AWS, Azure, and GCP
  • Write Terraform modules and policy code that make the secure path the default path for every team shipping infra
  • Harden our Kubernetes footprint: admission controllers, network policies, workload identity, runtime detections, secrets handling
  • Build and tune detections across cloud control planes, identity providers, and workload telemetry; own the alert pipeline end-to-end and keep signal-to-noise high
  • Help run incident response when something fires, and turn every incident into durable controls and codified runbooks
  • Help push cloud compliance initiatives
  • Partner with customers in Slack on self-hosting, network architecture, key management, and tenancy questions
  • Use agentic coding workflows to automate the repeatable parts of security work: control validation, evidence collection, drift detection, and IR triage

Ideal candidate credentials

  • 5+ years in cloud security, infrastructure security, or security engineering with a heavy hands-on bent — you ship code and configuration, not just policy
  • Deep AWS expertise (IAM, VPC, KMS, GuardDuty, CloudTrail) and working fluency in at least one of Azure or GCP
  • Strong Terraform skills and a track record of making security guardrails the default in IaC pipelines
  • Production Kubernetes security experience: you've run admission controllers, debugged a cluster compromise, or written a network policy that mattered
  • Proficient in modern backend technologies and comfortable writing real code in Python, TypeScript, or Go
  • Production incident response experience; you've owned a real incident end-to-end and made the next one less painful
  • Familiarity with one or more compliance regimes (SOC 2, ISO 27001, HIPAA, FedRAMP) and the discipline to make them work without becoming busywork
  • Active user of agentic coding tools, with a clear point of view on how AI is changing security engineering — both offense and defense

Bonus: experience securing self-hosted enterprise software, multi-tenant SaaS, or LLM-heavy workloads (data exfiltration via prompts, model proxy abuse, agent sandboxing)

Skills

AWSTerraformKubernetesPythonTypeScriptGoAzureGCPIAMGuarddutyCloudtrailKmsVpcSOC 2ISO 27001
Forus

Security Program Manager

ForusNew York, NY

Own end-to-end compliance programs (SOC 2, HIPAA, HITRUST), build customer trust function, implement automation, and partner with engineering on controls for a healthcare AI platform handling protected health information.

Salary not listed
On-site4+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k/yr
HybridSecurity Engineering
Zocdoc

Application Security Engineer

ZocdocUnited States

Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.

100k – 140k/yr
RemoteSecurity Engineering
Cloudflare

Detection & Mitigation Engineer

CloudflareUnited States

Security Detections Engineer identifying attacker TTPs, building real-time detections, and mitigating threats/abuse across Cloudflare's global platform using data analysis, SQL, scripting, and threat intelligence. Requires strong analytical and communication skills.

Salary not listed
HybridSecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k/yr
On-site3+ YOESecurity Engineering