Skip to content
MercorMercorSan Francisco, CA

Security Engineer, Cloud Infrastructure

Designs and implements cloud security architectures including multi-account AWS isolation, Kubernetes hardening, and CSPM with Wiz for enterprise tenant separation. Requires 5+ years in cloud/infrastructure security, IaC expertise, and production experience.

130k – 500k/yr
Hybrid5+ YOESecurity Engineering

About the role

What You'll Build

  • Multi-account AWS tenant isolation architecture - dedicated accounts, SCPs, network boundaries, and data segregation for enterprise clients
  • Cloud security posture management using Wiz CSPM - continuous monitoring, misconfiguration detection, and automated remediation
  • Kubernetes security hardening - pod security standards, network policies, secrets management, and runtime protection
  • Infrastructure-as-code security guardrails - Terraform/CloudFormation policies that prevent insecure deployments before they reach production
  • IAM architecture and least-privilege access controls across AWS, Snowflake, and internal services
  • Incident response infrastructure - logging pipelines, forensic readiness, and blast radius containment

What We're Looking For

  • Deep AWS security expertise - you've architected multi-account strategies, written SCPs, and hardened production environments
  • Experience with Kubernetes security in production - not just tutorials, you've secured real clusters running real workloads
  • Strong infrastructure-as-code skills - Terraform, CloudFormation, or Pulumi - you think in code, not console clicks
  • Experience with CSPM/CNAPP platforms (Wiz, Prisma Cloud, or similar) - deploying, tuning, and driving remediation
  • Understanding of network security at the cloud level - VPCs, security groups, transit gateways, PrivateLink
  • You've designed tenant isolation for multi-tenant SaaS - data segregation, compute isolation, network boundaries
  • 5+ years of professional experience in cloud security, infrastructure security, or platform/SRE engineering with a strong security focus

Bonus Points

  • Experience with Snowflake security - schema-level isolation, access controls, data sharing governance
  • Familiarity with container runtime security (Falco, SentinelOne Cloud Workload Protection, or similar)
  • Offensive cloud security skills - you've exploited misconfigurations and understand the attacker's perspective
  • Experience building compliance-ready infrastructure (SOC 2, ISO 27001, FedRAMP)
  • You've handled cloud security incidents - forensics, containment, and root cause analysis in AWS
  • Contributions to open source infrastructure security tools

Skills

AWSKubernetesTerraformWizCspmIAMScpsVpcSecurity GroupsSnowflakeFalco
NinjaTrader

GRC Engineer

NinjaTraderChicago, IL

Mid-level GRC Engineer building automation and tooling to scale compliance for SOC 2, ISO 27001, and SOX. Hands-on role combining scripting, audit coordination, risk management, and cross-functional partnership with engineering teams.

130k – 145k/yr
Hybrid3+ YOESecurity Engineering
Mercor

Security Engineer, Application Security

MercorSan Francisco, CA +1

Owns application security by embedding review workflows in SDLC, building SAST/DAST pipelines in CI/CD, managing vulnerability remediation, and operating bug bounty programs. Requires 5+ years experience finding/fixing vulnerabilities, strong skills in Python/TypeScript/Go, and SAST/DAST tooling.

130k – 500k/yr
On-site5+ YOESecurity Engineering
Socket

Threat Analyst

SocketUnited States

Analyzes software supply chain threats using AI scanners, conducts malware analysis and threat hunting, builds automation tools, and integrates research into products to protect open source ecosystems. Requires 3+ years in security operations and master's degree.

126k – 170k/yr
Remote3+ YOESecurity Engineering
Upstart

Infrastructure Security Engineer

UpstartUnited States

Designs and implements security controls for cloud infrastructure, Kubernetes, and deployment systems. Partners with engineering teams to review architectures, automate preventative measures, and remediate vulnerabilities. Requires 3+ years experience, Bachelor's degree, and proficiency in AWS, IaC tools, and programming.

134k – 186k/yr
Remote3+ YOESecurity Engineering
Applied Intuition

Product Security Engineer

Applied IntuitionSunnyvale, CA

Embeds security into product design and development lifecycle by analyzing architectures, conducting threat modeling and assessments, maturing vulnerability management, and guiding developers on secure practices. Requires 5+ years in product/application security with expertise in cloud, containers, and automation tools.

125k – 160k/yr
On-site5+ YOESecurity Engineering