SpyCloud

Senior Security Engineer, Cloud Security

SpyCloud

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSCloudPythonTerraform

About the role

  • Design, implement, and operate cloud security controls across production and internal environments (primarily AWS).
  • Own cloud posture management workflows (risk-based triage, exception handling, and automated remediation).
  • Build and maintain secure-by-default templates and modules (standards, defaults, account structure, secret management, segmentation).
  • Embed policy-as-code and IaC security controls into CI/CD (PR checks, drift detection) to prevent misconfigurations.
  • Reduce external and cloud risk by:
  • Own attack surface discovery/governance and baseline edge protections (e.g., WAF/rate limiting).
  • Drive automation for triage/remediation and operational efficiency by reducing repeat misconfigurations/toil (triage, routing, dedupe, validation, reporting).
  • Standardize cloud logging/telemetry and ensure it integrates cleanly into detection/IR workflows.
  • Work cross-functionally with Product, IT, DevOps, and Engineering to drive best practices and improve baseline security across the whole org.
  • Create pragmatic documentation, runbooks, and enablement materials that help teams self-serve, safely.
  • Support cloud/edge incident response: containment playbooks, root cause, and follow-up fixes.
  • Lead design reviews and threat models for platform/infrastructure (networking/segmentation, service-to-service access, secrets/encryption, logging/monitoring).
  • Drive continuous improvement of processes, procedures, and tools used across the security engineering organization.

Requirements

  • 5+ years combined experience in software engineering, infrastructure/platform engineering, and/or security engineering (with meaningful cloud/platform depth).
  • Strong understanding of securing distributed, cloud-native, high-availability environments.
  • Hands-on AWS experience: designing and operating secure systems (networking, IAM boundaries, logging/monitoring, encryption, service architectures).
  • Experience with Infrastructure-as-Code (Terraform preferred).
  • Ability to build and maintain tools/automation (Python preferred; strong engineering fundamentals required), including working effectively in Git-based workflows (branching strategies, PRs/code review, CI/CD integration, and resolving merge conflicts).
  • Experience in at least one of:
  • External attack surface discovery/remediation, and/or
  • Edge protection controls (e.g., WAF), and/or
  • Cloud posture/misconfiguration reduction at scale.
  • While very rare, this position may require occasional after-hours work to support incident response efforts and mission-critical security services.
Benefits
  • 401(k) with Employer Contribution
  • Health, Vision, and Dental Insurance
  • Health Savings Account (HSA) available with Employer Contribution
  • Employer Paid Life, Short-term, and Long-term Disability Insurance
  • Generous PTO Plan and 16 paid holidays per year
  • Retirement Savings Plan with Employer Contribution
  • Employer Provided Private Health Insurance and Healthcare Cashplan
  • Employer Paid Life Insurance and Income Replacement
  • Generous Holiday Plan and 14 paid holidays per year
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cloud security controlsAWSInfrastructure-as-CodeTerraformPythonnetworkingIAMloggingencryptionCI/CD
Soft Skills
cross-functional collaborationdocumentationprocess improvementleadershipcommunication