Skip to content
VercelVercelUnited States

Security Engineer, Cloud

Security Engineer building and hardening cloud-native security controls, infrastructure-as-code, and CI/CD pipelines for a scalable platform. Requires 8+ years in infrastructure/platform security and deep expertise in AWS/GCP and Kubernetes.

208k – 312k
Remote8+ YOESecurity Engineering

About the role

What you will do

  • Design and implement scalable security controls across our cloud-native platform.
  • Harden infrastructure components using infrastructure-as-code, policy enforcement, and service isolation.
  • Build secure by default infrastructure and code CI/CD pipelines.
  • Collaborate with platform and infrastructure teams to integrate security best practices into architecture and workflows.
  • Stay ahead of cloud security trends and adopt cutting-edge technologies to enhance platform resilience.
  • Conduct threat modeling, risk analysis, and mitigation planning for critical systems.
  • Drive improvements in monitoring, detection, and incident response at the platform level.
  • Build, deploy and maintain relevant tooling.

About you

  • 8+ years of experience in infrastructure or platform security roles.
  • Deep understanding of secure cloud infrastructure (AWS/GCP), identity and access management, and system hardening.
  • Proficient with tools like Terraform, CDK, Kubernetes, and CI/CD security.
  • Skilled at balancing engineering realities with principled security practices.
  • Proven track record of shipping secure, resilient systems at scale.

Bonus if you

  • Have built or scaled security automation pipelines.
  • Contributed to open-source security projects or tools.
  • Hold certifications such as GCP Security Engineer, AWS certifications, CISSP, or OSCP.
  • Hold a bachelors or masters degree in Cybersecurity or similar disciplines.

Benefits

  • Competitive compensation package, including equity.
  • Inclusive Healthcare Package.
  • Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
  • Flexible Time Off.
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

Skills

AWSGCPTerraformCdkKubernetesCI/CDIdentity And Access ManagementThreat ModelingIncident ResponseSecurity Automation
Vercel

Security Software Engineer, IAM

VercelUnited States

Own IAM strategy and architecture across corporate and production environments. Migrate Okta to Terraform, enforce least-privilege access, and drive automation for provisioning and device management.

208k – 312k
Remote7+ YOESecurity Engineering
Replit

Third Party Risk Management and Customer Trust Lead

ReplitFoster City, CA

Lead substantive third-party risk management and customer trust programs at Replit, independently assessing vendor and AI model risks via SOC 2 reviews, architecture analysis, and contract redlining in partnership with Legal. Requires 8+ years GRC experience building scalable TPRM processes.

210k – 270k
Hybrid8+ YOESecurity Engineering
Alembic

Lead Security Engineer

AlembicSan Francisco, CA

Lead Security Engineer to own end-to-end system, network, and host security for an on-prem Kubernetes-based AI factory. Design controls, lead incident response, balance open culture with IP/customer data protection; requires 8+ years security engineering with deep Kubernetes, on-prem, and incident experience.

210k – 240k
On-site8+ YOESecurity Engineering
Betterment

Sr. Engineering Manager, Application Security

BettermentNew York, NY

Senior Engineering Manager leading Application Security squad to build secure software by default through threat modeling, design reviews, vulnerability management, and developer tooling. Requires hands-on team leadership and expertise across the AppSec stack.

210k – 250k
Hybrid7+ YOESecurity Engineering
Replit

Senior Software Engineer, Fraud

ReplitFoster City, CA

Build and operate AI-powered fraud and abuse detection systems on Replit's agentic platform. Design LLM guardrails, ML classifiers, and automated response mechanisms to combat phishing, cryptomining, and platform exploitation.

210k – 265k
Hybrid4+ YOESecurity Engineering