Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Boeing

Cloud Security Manager

Boeing

. Lead and grow the Policy-as-Code team responsible for security and compliance controls across Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) .

Posted 5/21/2026full-timeSeattle • California, Illinois, Montana, Washington • 🇺🇸 United StatesMid-LevelSenior💰 $161,500 - $233,450 per yearWebsite

Tech Stack

Tools & technologies
AWSAzureCloudGoogle Cloud PlatformKubernetesTerraform

About the role

Key responsibilities & impact
  • Lead and grow the Policy-as-Code team responsible for security and compliance controls across Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP)
  • Define and operate a unified guardrail framework that enforces both security and compliance requirements (policy-as-code, admission controllers, Terraform guardrails)
  • Own the policy lifecycle: authoring, testing, versioning, staged rollout, monitoring, and deprecation of automated policies
  • Build continuous compliance automation: evidence collection, attestations, audit reporting, and remediation workflows that reduce manual audit effort
  • Integrate policy enforcement into Continuous Integration (CI)/Continuous Delivery (CD), Infrastructure as Code (IaC) pipelines, Developer Experience (DevEx) workflows, and account provisioning operated by Foundations
  • Establish operability criteria for policy enforcement (performance, false-positive tolerance, rollback procedures) and require operability signoff prior to production enforcement
  • Drive cross-team collaboration with Cloud Foundations, Platform Acceleration, DevEx, Runtime Site Reliability Engineer (SRE), Legal & Compliance, and Enterprise Security to ensure policies are accurate, testable, and adoptable
  • Respond to high-severity security or compliance incidents affecting the platform; lead technical remediation and convert findings into durable policy or platform changes
  • Track and report security and compliance Key Performance Indicators (KPIs); use telemetry to prioritize policy coverage and reduce risk
  • Contribute hands-on to critical policy implementations, admission controller integrations, or automation scripts as needed

Requirements

What you’ll need
  • 5+ years of experience in cloud security, platform security engineering, and/or cloud engineering
  • 5+ years of experience implementing policy-as-code and admission control for cloud and Kubernetes (e.g., Azure Policy, AWS Configuration, GCP Organization Policy, Open Policy Agent (OPA)/Gatekeeper, Coverity)
  • 3+ years of experience in leadership and/or team lead capacity
  • 3+ years of experience with cloud provider security primitives and compliance controls across Azure, AWS, and GCP (identity, encryption, networking, logging)
  • 3+ years of experience automating security and compliance controls in IaC and CI/CD pipelines (Terraform policy checks, pre-commit scanning, pipeline gates)
  • Experience producing automated audit evidence and supporting compliance frameworks (National Institute of Standard Technology (NIST), Federal Risk and Authorization management Program (FedRAMP), Service Organization Control 2 (SOC2), or equivalent)
  • Ability and willingness to perform hands-on technical work (policy modules, admission controllers, automation) alongside managerial duties

Benefits

Comp & perks
  • health insurance
  • flexible spending accounts
  • health savings accounts
  • retirement savings plans
  • life and disability insurance programs
  • a number of programs that provide for both paid and unpaid time away from work

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cloud securityplatform security engineeringpolicy-as-codeadmission controlTerraformKubernetesautomation scriptscontinuous compliance automationInfrastructure as Code (IaC)Continuous Integration (CI)/Continuous Delivery (CD)
Soft Skills
leadershipcross-team collaborationtechnical remediationcommunicationproblem-solving
Certifications
National Institute of Standards and Technology (NIST)Federal Risk and Authorization Management Program (FedRAMP)Service Organization Control 2 (SOC2)