ZenGRC is looking for a Senior Cloud Security Engineer to join our fully remote team. You will take on the critical responsibility of securing the cloud-native infrastructure that powers our SaaS platform and internal processes. This role is perfect for a hands-on engineer who is passionate about designing, building, and defending highly scalable and secure cloud environments.
What You'll Do
- Help drive effective security detection and response across our production platform.
- Design, evaluate, and implement architectural security standards for our AWS, Azure, and PaaS cloud platforms.
- Partner directly with internal DevOps and Platform teams to build security into every stage of the infrastructure-as-code lifecycle.
- Review architecture and product development pitches to ensure security and privacy by design.
- Manage a robust vulnerability management program specifically tailored to our cloud environments.
- Develop strategies to respond to and recover from security incidents affecting the platform.
- Implement tools, including runtime and build-level controls, to assist in threat detection and prevention.
- Own cloud security controls end-to-end, including the design, monitoring, and remediation of control failures.
What We're Looking For
- Experience working within a fast-paced SaaS company and understanding the unique security challenges of a cloud-first environment.
- A requirement for this role is having worked in a B2B SaaS company providing cloud-hosted services to customers.
- Comfortable with IaC tools such as Terraform / Spacelift as well as other engineering tools such as CircleCI and Git.
- Comfortable reading cloud configurations and understanding architecture from the code up.
- Comfortable with a scripting language (e.g., Python, PowerShell) to parse data or comb through logs efficiently.
- Possess extensive knowledge of AWS and/or Azure and other cloud platforms, with demonstrated expertise in designing secure cloud, application, and system architectures.
- Intimately familiar with cloud-native security tooling, logging, identity management, and security policy.
- Have a working knowledge of incident response processes and strategies and are familiar with computer forensic tools and methods.
- Familiar with a query language (e.g., jQL, SQL, Splunk) and are comfortable combing through datasets during an incident.
- An excellent communicator, capable of thriving and driving initiatives in a distributed, asynchronous work environment.
- An effective collaborator and communicator both cross-functionally and functionally.
- Approach security as a business enabler, with a passion for striking the right balance between security, usability, and agility.
- Bring a measured, risk-based approach to solving security risks and challenges.
- Recognize documentation as a critical tool for showing impact and value.
Technical Stack
- AWS, Azure, PaaS
- Terraform, Spacelift, CircleCI, Git
- Python, PowerShell
- jQL, SQL, Splunk
Team & Environment
You will report to the Senior Manager, Internal Security.
Benefits & Compensation
- Compensation: $140,000 to $175,000 base salary + equity.
- 100% remote work environment.
- Generous paid time off policy, including vacation, sick time, and paid holidays.
- 12 weeks of paid parental leave.
- Highly competitive and comprehensive medical, dental, and vision benefits plans.
- 401(k) with a 5% contribution regardless of employee contribution.
- Life and Disability insurance plans.
- Stock options for all full-time employees.
- One-time $500 reimbursement for building/upgrading home office.
- Annual allowance for education and professional development assistance.
- $75 USD/month digital reimbursement.
- Access to the BetterUp platform for coaching, personal, and professional growth.
Work Mode
This is a fully remote position open to candidates across the United States.
Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.
