Staff Security Engineer

Summary

Join CloudQuery's core team as a Staff Security Engineer, shaping our security strategy and ensuring infrastructure and operations meet industry standards. Lead SOC2 attestation, oversee risk management, and collaborate with various teams on security initiatives. Manage MDM and security software, implement security tools and practices, and develop security policies. Conduct risk assessments, audits, and security awareness training. Lead incident response and maintain thorough documentation. This is a high-impact, hands-on role with significant opportunities for career advancement.

Requirements

• 6+ years of experience in IT security, with a strong track record in managing security risk
• Experience leading SOC2 and similar certification processes, with hands-on experience in compliance, audits, and security frameworks
• Solid understanding of MDM solutions, endpoint security, and IT management
• Strong familiarity with cloud platforms, security best practices, and DevOps processes
• Experience in security incident management, threat detection, and vulnerability assessments
• Excellent communicator with the ability to clearly document security processes and present them to both technical and non-technical stakeholders
• Self-driven, resourceful, and able to thrive in a remote-first environment
• A passion for security, automation, and ensuring development velocity without compromising on safety

Responsibilities

• Collaborate with engineering, product, and executive teams to design and implement security initiatives
• Lead end-to-end efforts to achieve SOC2 attestation and other relevant certifications
• Manage MDM (Mobile Device Management) and other security software to enforce company-wide security policies
• Oversee the implementation of security tools and practices across all departments, including DevOps, engineering, and corporate systems
• Develop and maintain security policies, standards, and procedures that meet compliance requirements and best practices
• Conduct regular risk assessments, audits, and reviews to identify and mitigate potential security threats
• Drive security awareness and training initiatives to ensure all team members understand security best practices
• Stay up to date with emerging security trends and technologies to continuously improve the security posture of CloudQuery
• Lead incident response planning, simulation, and real-time handling of security incidents
• Prepare and maintain thorough documentation for security measures, processes, and risk management activities

Benefits

• Remote-first company!
• Competitive pay with significant options pack upside
• Remote-friendly environment and culture that nurtures company and team events to stay connected
• High-impact role with lots of responsibilities and opportunities for career advancement