Cloud Security Engineer

Summary

Join WorkOS's Security team as a Cloud Security Engineer to protect our infrastructure, data, and systems. You will focus on securing our cloud environments and infrastructure, ensuring everything is configured with least privilege and built to withstand real-world threats. This hands-on role blends security engineering with deep infrastructure context, requiring collaboration with Infra and SRE teams to improve visibility, tighten controls, and embed security into our cloud-native architecture. We seek an engineer experienced in securing cloud-native infrastructure, working across IAM, network architecture, container security, and infrastructure as code. The ideal candidate thinks systematically about risk reduction, balances security with developer velocity, collaborates effectively, and is proactive and curious. The role involves designing and implementing security controls, identifying and resolving misconfigurations, improving tooling and automation, and contributing to threat modeling and incident response.

Requirements

• Experience securing cloud infrastructure (we use AWS) in a production environment
• Familiarity with IAM, networking, Kubernetes, and infrastructure as code (Terraform preferred)
• Understanding of cloud attack techniques and how to mitigate them
• Comfort working independently and collaboratively in a high-autonomy environment

Responsibilities

• Design and implement security controls across our AWS environments and Kubernetes infrastructure
• Identify and resolve misconfigurations, over-permissive access, and vulnerable patterns in cloud resources
• Improve tooling and automation for IAM, secrets management, and resource provisioning
• Partner with Infrastructure and SRE teams to embed security into infrastructure design and CI/CD workflows
• Define and monitor for cloud security signals—unusual access, configuration drift, privilege escalation paths
• Contribute to our threat modeling, risk assessments, and security incident response
• Help with audit and compliance readiness (SOC 2, ISO 27001), focusing on scalable enforcement rather than checklists
• Document systems and build internal security knowledge and shared context

Preferred Qualifications

• Experience building internal security tooling or automation
• Familiarity with compliance frameworks (SOC 2, ISO 27001)

Benefits

• Competitive pay
• Substantial equity grants
• Healthcare insurance (Medical, Dental and Vision) for you and your family
• 401k matching
• Wellness and fitness monthly allowances
• PTO + paid holidays + unlimited sick leave
• Autonomy and flexibility with remote work