Staff-level engineer designing and building security guardrails for multi-cloud environments, translating security standards into code-driven policies. Requires 8+ years in cloud security with deep expertise in Kubernetes, IAM, and Policy-as-Code.
174k – 239k
Hybrid8+ YOESecurity Engineering
About the role
What You Will Do
Cloud Security Strategy: Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction.
Identity & Access Management (IAM): Architect templates and permission boundaries that govern how services and humans interact with our cloud environment with the principle of least privilege in mind.
Infrastructure & Network Security: Define the security standards for VPC architecture, edge networking, and cross-account connectivity.
Platform Security Architecture: Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase.
System Design: Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams.
Mentorship & Influence: Mentor junior engineers and influence senior leadership on critical security decisions.
What You Bring
8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security.
Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures.
Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows.
Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems.
Experience working with security platforms for analyzing cloud permissions and a background or interest in applying AI to streamline security tasks and governance.
Exceptional communication skills with a track record of aligning multiple teams toward shared security goals.
Bachelor's degree in Computer Science, Information Security, Systems Engineering, or a related field.
Nice to Have
Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment.
Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript.
Experience creating, managing, and securing containerized environments.
Experience with service mesh (Istio) security policies and zero-trust networking.
This position requires the ability to access federal environments and/or have access to protected federal data. The successful candidate must be able to submit documentation establishing U.S. Person status upon hire.
Lead cybersecurity strategy, architecture, and RMF execution for complex defense aircraft, mission systems, networks, and infrastructure. Requires 8+ years in cybersecurity for integrated defense platforms, strong RMF/STIG knowledge, and cross-functional integration skills.
170k – 250k
On-site8+ YOESecurity Engineering
Staff IAM Engineer
IroncladSan Francisco, CA
Own security-critical identity and corporate security controls, managing IAM platforms, SSO/MFA integrations, RBAC policies, and endpoint trust for macOS/Windows environments.
170k – 190k
Hybrid4+ YOESecurity Engineering
Staff Risk Analyst
EarninUnited States
Owns full fraud risk management lifecycle including strategy, policy design, cross-functional leadership, and analytics in fintech. Requires 7+ years experience, SQL/Python, fraud platforms, and deep credit card knowledge.
170k – 210k
Remote7+ YOESecurity Engineering
Staff Application Security Engineer
IroncladSan Francisco, CA
Leads application security assessments, vulnerability testing, and secure coding practices for a SaaS platform. Requires 3+ years in app sec or software dev, proficiency in TypeScript/JavaScript, security tools like Burp Suite, and cloud experience.
170k – 190k
HybridSecurity Engineering
Member of Technical Staff, DevSecOps
VapiSan Francisco, CA
Hands-on DevSecOps lead building and hardening security posture for a voice AI platform serving Fortune 500 customers. Focus on shift-left security, compliance automation, and multi-tenant infrastructure.