Cloud Security Engineer

Virta Health

Cloud Security Engineer securing applications for Virta Health, reversing metabolic diseases. Leading application security initiatives and collaborating across teams for secure development practices.

Posted 4/30/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $145,491 - $187,900 per yearWebsite

Tech Stack

Tools & technologies

CloudGoGoogle Cloud PlatformKubernetesPythonTerraform

About the role

Key responsibilities & impact

Own and Enhance Security Design: Assess our current security controls within GCP and Kubernetes, identify areas for improvement, and drive the maturation of our security posture from good to great.
Champion Secure Development: Partner closely with Engineering, Product, and Platform teams to integrate security best practices early and often ("shift-left") into the software development lifecycle.
Build and Automate: Design, implement, and manage security tooling and automation to streamline vulnerability detection, remediation, and compliance verification. Replace manual processes with efficient, automated solutions.
Refine Access Control: Evolve our identity and access management (IAM) strategy, ensuring least-privilege access and robust auditing capabilities across our systems.
Strengthen Network Security: Continuously improve our network security architecture, policies, and controls within our cloud environment.
Develop Clear Standards: Establish, document, and communicate practical security policies, standards, and guidelines for engineering teams.
Lead Security Initiatives: Drive vulnerability management efforts and enhance our incident response preparedness, ensuring we are ready to handle potential threats effectively.
Cultivate Security Awareness: Act as a security evangelist, promoting security awareness and best practices throughout the engineering organization.

Requirements

What you’ll need

Understanding and practical experience in securing cloud-native applications and infrastructure, particularly in Kubernetes environments. GCP experience is strongly preferred.
Strong grasp of networking concepts, identity management (IAM), encryption, and common web application vulnerabilities (e.g., OWASP Top 10).
Excellent communication skills with the ability to clearly articulate complex security concepts to diverse audiences and influence technical direction across teams.
Significant hands-on experience in application security, including threat modeling, secure coding practices, vulnerability management, and security testing (SAST, DAST, IAST).
Proficiency in Infrastructure as Code (IaC) tools, specifically Terraform.
Development experience with Go and Python.

Benefits

Comp & perks

Offers Equity 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud-native securityKubernetesGCPnetwork securityidentity and access managementencryptionapplication securitythreat modelingsecure coding practicesvulnerability management

Soft Skills

communicationinfluencingsecurity awarenesscollaboration