Skip to content
OktaOktaBellevue, WA

Staff Software Engineer, Security Engineering

Staff-level engineer designing and building security guardrails for multi-cloud environments, translating security standards into code-driven policies. Requires 8+ years in cloud security with deep expertise in Kubernetes, IAM, and Policy-as-Code.

174k – 239k
Hybrid8+ YOESecurity Engineering

About the role

What You Will Do

  • Cloud Security Strategy: Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction.
  • Identity & Access Management (IAM): Architect templates and permission boundaries that govern how services and humans interact with our cloud environment with the principle of least privilege in mind.
  • Infrastructure & Network Security: Define the security standards for VPC architecture, edge networking, and cross-account connectivity.
  • Platform Security Architecture: Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase.
  • System Design: Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams.
  • Mentorship & Influence: Mentor junior engineers and influence senior leadership on critical security decisions.

What You Bring

  • 8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security.
  • Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures.
  • Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows.
  • Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems.
  • Experience working with security platforms for analyzing cloud permissions and a background or interest in applying AI to streamline security tasks and governance.
  • Exceptional communication skills with a track record of aligning multiple teams toward shared security goals.
  • Bachelor's degree in Computer Science, Information Security, Systems Engineering, or a related field.

Nice to Have

  • Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment.
  • Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript.
  • Experience creating, managing, and securing containerized environments.
  • Experience with service mesh (Istio) security policies and zero-trust networking.

This position requires the ability to access federal environments and/or have access to protected federal data. The successful candidate must be able to submit documentation establishing U.S. Person status upon hire.

Skills

KubernetesEKSAksTerraformVpcPkiPythonGoJavaScriptIstio
Shield AI

Sr. Staff System Security Engineer

Shield AIDallas, TX +1

Lead cybersecurity strategy, architecture, and RMF execution for complex defense aircraft, mission systems, networks, and infrastructure. Requires 8+ years in cybersecurity for integrated defense platforms, strong RMF/STIG knowledge, and cross-functional integration skills.

170k – 250k
On-site8+ YOESecurity Engineering
Ironclad

Staff IAM Engineer

IroncladSan Francisco, CA

Own security-critical identity and corporate security controls, managing IAM platforms, SSO/MFA integrations, RBAC policies, and endpoint trust for macOS/Windows environments.

170k – 190k
Hybrid4+ YOESecurity Engineering
Earnin

Staff Risk Analyst

EarninUnited States

Owns full fraud risk management lifecycle including strategy, policy design, cross-functional leadership, and analytics in fintech. Requires 7+ years experience, SQL/Python, fraud platforms, and deep credit card knowledge.

170k – 210k
Remote7+ YOESecurity Engineering
Ironclad

Staff Application Security Engineer

IroncladSan Francisco, CA

Leads application security assessments, vulnerability testing, and secure coding practices for a SaaS platform. Requires 3+ years in app sec or software dev, proficiency in TypeScript/JavaScript, security tools like Burp Suite, and cloud experience.

170k – 190k
HybridSecurity Engineering
Vapi

Member of Technical Staff, DevSecOps

VapiSan Francisco, CA

Hands-on DevSecOps lead building and hardening security posture for a voice AI platform serving Fortune 500 customers. Focus on shift-left security, compliance automation, and multi-tenant infrastructure.

180k – 280k
Hybrid5+ YOESecurity Engineering