Staff Engineer, Cloud Security

Summary

Join Unite Us as a Staff Cloud Security Engineer and become a key technical leader, designing, implementing, and improving cloud security infrastructure. You will collaborate with DevOps and engineering teams, embedding security into the software development lifecycle and mentoring team members. This role requires hands-on engineering and strategic guidance, shaping the company's security posture and enhancing developer experience. You will lead security solution implementation across various domains, maintain security policies, and collaborate on security assessments. The position also involves refining security monitoring, integrating security best practices into the SDLC, and providing expert guidance to engineering teams. You will research new security technologies, participate in incident response, and ensure compliance with relevant security regulations.

Requirements

• At least 8+ years of experience in information security, with a focus on security engineering
• 8+ years coding experience in one or more programming languages (e.g., Python, Bash) and automation tools
• Deep understanding of security principles, frameworks, and best practices
• Strong technical experience in AWS Cloud security
• Experience with Least Privilege AWS IAM Permissions Designs and Management
• Experience with Security monitoring, logging, and alerting tools (SIEM, MDR, etc)
• Knowledge and experience managing network security (firewalls, intrusion detection/prevention systems, VPNs)
• Proven track record managing application security and vulnerabilities (SAST/DAST, secure coding practices)
• Familiarity with DevOps and CI/CD pipelines and integrating security into these processes
• Strong problem-solving and analytical skills
• Ability to explain technical security concepts to both technical and non-technical audiences
• Excellent communication skills and the ability to work in a collaborative, fast-paced environment
• Ability to mentor engineers and lead by example
• Apply judgment and experience to balance trade-offs between competing interests
• Advocate for security best practices while minimizing friction with the end user experience

Responsibilities

• Lead the design and implementation of security solutions across various domains, including cloud security, network security, application security, and data protection
• Maintain security policies, standards, and procedures
• Collaborate on security assessments, vulnerability scanning, and penetration testing to identify and mitigate security risks
• Refine security monitoring and alerting systems to detect and respond to security incidents
• Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC)
• Provide expert-level guidance and support to engineering and operations teams on security-related matters
• Research and evaluate new security technologies and solutions to enhance our security posture
• Participate in incident response activities, including investigation, containment, and remediation of security incidents
• Contribute to secure code development training
• Mentor and coach engineering team members
• Stay up-to-date on the latest security threats, trends, and best practices
• Ensure compliance with relevant security regulations and standards (SOC 2, NIST, HIPAA, HITRUST, where applicable)
• Provide advanced troubleshooting support for security-related issues, ensuring minimal disruption to service delivery

Preferred Qualifications

• 10+ years of experience in information security, with a focus on security engineering
• You hold certifications such as CISSP, CISM, or AWS-related Security certifications
• Experience with threat modeling and risk assessment methodologies
• Experience with containerization and orchestration technologies (e.g., Docker, Kubernetes) and their security implications
• Contributions to the security community

Benefits

• Medical, Dental, and Vision
• We offer insurance to team members and eligible partners and dependents, including unlimited virtual mental health and acute medical visits
• Mental health benefits, such as the Employee Assistance Program (EAP) and wellness platform subscription, are available to all team members
• Flexible Time OffTake what you need, including volunteer days and mental health days. We also offer 14 paid, company-wide holidays
• Paid Parental LeaveAdoptive parents are included
• Employee Resource GroupsChoose to join any of our ERGs, which celebrate and support a diverse and inclusive workplace
• Spending AccountsWe offer tax-advantaged health savings accounts (HSAs), flexible spending accounts (FSAs), and commuter benefits
• 401(k) + Employer MatchEnjoy matching, immediate vesting and financial wellness resources
• Life and AD&D - a company paid benefit, with the option to purchase additional coverage for yourself and your dependents
• Disability Coverage
• Accident Insurance
• Pet Insurance