You’ll lead and execute cloud security initiatives that strengthen Webflow’s infrastructure and operational security posture. Responsibilities are grouped by scope and impact.
Perform infrastructure security reviews across cloud services, network design, IAM, and platform components.
Design, implement, and maintain secure AWS and GCP infrastructure following best practices (least privilege, network segmentation, encryption, monitoring).
Partner with infrastructure and platform teams to embed security controls in CI/CD pipelines, infrastructure as code, and containerized environments.
Own the cloud security posture management (CSPM) strategy, ensuring continuous compliance and automated detection of misconfigurations.
Collaborate with engineering teams to secure Kubernetes and containerized workloads, ensuring adherence to runtime and image scanning policies.
Respond to and investigate cloud-related security incidents, providing technical expertise during triage and remediation.
Contribute to the design and execution of Webflow’s cloud security roadmap, identifying areas for automation and scalability.
Conduct threat modeling and risk assessments for cloud architecture and new service deployments.
Translate raw findings into actionable engineering fixes, not just tickets or reports.
Design and build internal security services, APIs, and tools that automate infrastructure vulnerability detection, triage, reporting, and remediation.
Develop security automation that integrates with CI/CD, cloud control planes, and developer workflows to shift detection and remediation earlier in the lifecycle.
Experiment with and operationalize agentic and AI-assisted approaches to security detection, analysis, and response as the threat landscape evolves.

Requirements

Have 5+ years of experience in cloud security, infrastructure engineering, or security automation (with at least 3 years focused on AWS and GCP).
Demonstrate strong knowledge of AWS and GCP services and security controls.
Have hands-on experience securing Kubernetes and containerized workloads.
Are proficient with infrastructure as code (Pulumi, Terraform, CloudFormation).
Understand network security concepts including firewalls, segmentation, and zero trust.
3+ years of automation script authoring for security tasks using Python, Go, Javascript, Typscript, or similar languages. Comfortable architecting automation solutions using full stack components.
Are comfortable operating in ambiguous, fast-changing environments, adapting tooling and approaches as threats and technologies evolve.
Bring a proactive, builder’s mindset — identifying and closing gaps before they become issues.

Benefits

Ownership in what you help build. Every permanent Webflower receives equity (RSUs) in our growing, privately held company.
Health coverage that actually covers you. Comprehensive medical, dental, and vision plans for full-time employees and their dependents, with Webflow covering most premiums.
Support for every stage of family life. 12 weeks of paid parental leave for all parents and 6+ weeks of additional paid leave for birthing parents. Plus inclusive care for family planning, menopause, and midlife transitions.
Time off that’s actually off. Flexible vacation, paid holidays, and a sabbatical program to help you recharge and come back inspired.
Wellness for the whole you. Access to mental health resources, therapy and coaching.
Invest in your future. A 401(k) with 100% employer match (up to $6,000/year) in the U.S., and support for retirement savings globally.
Monthly stipends that flex with your life. Localized support for work and wellness expenses — from Wi-Fi to workouts.
Bonus for building together. All full-time, permanent, non-commission employees are eligible for our annual WIN bonus program.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud securityinfrastructure engineeringsecurity automationAWSGCPKubernetesinfrastructure as codePythonGoautomation solutions

Soft Skills

proactive mindsetadaptabilitycollaborationproblem-solvingcommunication