Skip to content
NinjaTraderNinjaTraderChicago, IL

Staff Cloud Security Engineer

Senior individual contributor owning cloud security architecture and guardrails for GCP workloads at a fintech trading platform. Leads threat modeling, edge defenses with Cloudflare/Armor, policy-as-code, incident response, and compliance controls while mentoring engineers.

145k – 195k
Hybrid8+ YOESecurity Engineering

About the role

What you'll do

As a Staff Cloud Security Engineer, you are the most senior individual contributor responsible for the security of our cloud platform. You will set the technical direction for how we secure workloads across Google Cloud Platform (GCP), design our edge and perimeter defenses using Cloudflare and Google Cloud Armor, and build the guardrails that enable engineering teams to move quickly without compromising security.

This is a hands-on, high-impact individual contributor role. You will not manage people but will establish engineering standards across the organization, influence company-wide architecture decisions, and serve as the senior technical authority during security reviews and incidents.

In this role you will:

  • Own the cloud security architecture across our GCP environments, including IAM and least privilege design, VPC Service Controls, Organization Policy, Shared VPC, Workload Identity, KMS/encryption, and Security Command Center
  • Design, deploy, and tune edge and application-layer defenses using Cloudflare (WAF, DDoS Protection, Zero Trust/Access, Bot Management, Rate Limiting) and Google Cloud Armor (Security Policies, Adaptive Protection, Rate Limiting, and Global Load Balancer integration)
  • Lead threat modeling and security architecture reviews for new services and major platform changes while balancing business velocity with security risk
  • Build security guardrails as code through policy-as-code, secure Terraform modules, and CI/CD security controls so secure defaults become the path of least resistance
  • Advance cloud detection and response capabilities by partnering with the SOC and Incident Response teams on logging pipelines, Chronicle/SIEM detections, and cloud-native alerting
  • Serve as a senior technical responder during security incidents, including investigation, containment, remediation, and post-incident hardening
  • Partner with GRC and Compliance teams to translate regulatory requirements such as ISO, SOC 2, SOX, and similar frameworks into scalable technical controls and evidence
  • Mentor senior and mid-level engineers while raising the overall security maturity of the engineering organization
  • Represent Cloud Security during cross-functional planning, architecture reviews, and strategic initiatives

What you'll need

  • 8+ years of experience in security engineering, including at least 5 years focused on cloud security in production environments
  • Deep hands-on expertise securing Google Cloud Platform environments, including IAM, networking, VPC Service Controls, Security Command Center, KMS, and Organization Policy
  • Demonstrated production experience with Cloudflare, including WAF, DDoS Protection, Zero Trust/Access, Bot Management, and Google Cloud Armor
  • Strong Infrastructure-as-Code experience using Terraform and securing CI/CD pipelines
  • Proficiency in at least one programming or scripting language such as Python or Go for automation and tooling
  • Experience securing workloads within regulated industries and familiarity with frameworks such as PCI DSS, SOC 2, ISO, SOX, or similar
  • Demonstrated technical leadership and the ability to influence engineering teams without direct authority

Bonus points for

  • Google Professional Cloud Security Engineer, CISSP, GCP Professional Cloud Architect, or similar certifications
  • Experience securing GKE/Kubernetes environments and container or software supply chain security
  • Multi-cloud experience across AWS and Azure
  • Experience building detection engineering or threat hunting programs
  • Previous experience in fintech, payments, trading, or other highly regulated financial environments

Compensation

The salary range for this role will be $145,000.00 - $195,000.00 USD. In addition, this position will also receive an annual target bonus of 12%. Bonus pay at NinjaTrader is based on individual performance (50%) as well as company/team performance (50%).

Salary and bonus earnings are only two components of the total compensation package offered by NinjaTrader. NinjaTrader offers a 401K plan through ADP under which the company will match up to 3.5% of employee contributions. Annual paid time off allowance accrues at a rate of 23 days per year plus seven paid holidays.

Skills

Cloud SecurityGCPIAMVpc Service ControlsTerraformCloudflareGoogle Cloud ArmorPythonGoKubernetesSIEMPolicy As Code
Databricks

Staff Security Detection Engineer

DatabricksUnited States

Designs and implements scalable ML-driven intrusion detection solutions, optimizes log pipelines, and enhances threat detection on Databricks platform. Requires 10+ years experience in security detection engineering and expertise in cloud security, Python, and Spark.

143k – 273k
Remote10+ YOESecurity Engineering
Okta

Staff Product Security Engineer

OktaBellevue, WA +4

Staff-level product security engineer leading security reviews, threat modeling, penetration testing, and LLM/AI security assessments for Okta's identity platform. Requires deep manual security expertise and strong communication skills.

141k – 248k
Hybrid7+ YOESecurity Engineering
Shield AI

Staff Engineer, Systems Safety (R4823)

Shield AISan Diego, CA

Leads safety requirements derivation, hazard analysis, and verification for safety-critical airborne software systems, ensuring compliance with DO-178C and related standards. Collaborates across engineering teams to integrate safety into architecture, code, and testing for airworthiness certification.

140k – 210k
On-site5+ YOESecurity Engineering
LiveKit

Staff Security Engineer

LiveKitUnited States

Staff Security Engineer owns security across applications, infrastructure, and workflows at LiveKit. Requires 6+ years software engineering experience, hands-on security expertise in cloud/container environments, threat modeling, and incident response.

150k – 250k
Remote6+ YOESecurity Engineering
Twilio

Staff Engineer

TwilioUnited States

Technical lead performing advanced offensive security work including full-stack pentesting, red team operations, custom exploit development, AI/LLM red teaming, and bug bounty management. Requires 7-10 years experience, deep expertise in MITRE ATT&CK and OWASP, and proficiency with industry tools and scripting.

156k – 229k
Remote7+ YOESecurity Engineering