Security Engineer

• Lead and execute cloud security initiatives that strengthen Webflow’s infrastructure and operational security posture. Responsibilities are grouped by scope and impact.
• Design, implement, and maintain secure AWS infrastructure following best practices (least privilege, network segmentation, encryption, monitoring).
• Partner with infrastructure and platform teams to embed security controls in CI/CD pipelines, infrastructure as code, and containerized environments.
• Own the cloud security posture management (CSPM) strategy, ensuring continuous compliance and automated detection of misconfigurations.
• Evaluate and deploy security tooling for cloud visibility, IAM governance, and intrusion detection.
• Collaborate with engineering teams to secure Kubernetes and containerized workloads, ensuring adherence to runtime and image scanning policies.
• Respond to and investigate cloud-related security incidents, providing technical expertise during triage and remediation.
• Contribute to the design and execution of Webflow’s cloud security roadmap, identifying areas for automation and scalability.
• Conduct threat modeling and risk assessments for cloud architecture and new service deployments.
• Develop internal tools and scripts to enhance cloud monitoring and detection capabilities.
• Stay current with evolving AWS services, vulnerabilities, and security trends — proactively identifying opportunities to enhance Webflow’s defenses.

Senior Security Engineer, Cloud Security

Security Compliance, Sales Enablement Specialist

Especialista en Seguridad