Cloud Security Engineer • Senior

Who you are

You have a strong background in cloud security, with at least 5 years of experience designing and implementing security controls in multi-cloud environments. Your expertise spans AWS, Azure, and GCP, and you are well-versed in security frameworks such as ISO 27001 and SOC 2. You possess a proactive, automation-first mindset and are comfortable working independently in a fast-paced environment.

You are skilled in Infrastructure as Code (IaC) practices, particularly with tools like Terraform and CloudFormation, enabling you to deploy secure infrastructure consistently and at scale. Your experience includes implementing rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across various compute environments. You have a solid understanding of threat modeling and risk analysis, which you apply to enhance security posture.

You hold relevant industry certifications such as CISSP or CCSP, demonstrating your commitment to maintaining high standards in security practices. Your ability to communicate complex security concepts to both technical and non-technical stakeholders makes you an effective collaborator within cross-functional teams.

Desirable

Experience in both large enterprise environments and agile startup settings is a plus, as it equips you with the ability to balance process and innovation. Familiarity with security automation tools and practices will further enhance your contributions to the team.

What you'll do

In this role, you will be responsible for designing and managing security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments. You will act as the subject matter expert for security automation, leveraging your skills in CloudFormation and Terraform to ensure secure infrastructure deployment.

You will implement and enforce security configuration benchmarks across all compute environments, ensuring compliance with industry standards. Conducting formal threat modeling and risk analysis will be part of your responsibilities, allowing you to proactively identify and mitigate potential security risks.

You will collaborate closely with engineering teams to integrate security into the development lifecycle, ensuring that security considerations are embedded from the outset. Your role will also involve maintaining controls for security frameworks such as ISO 27001 and SOC 2, contributing to the overall security posture of the organization.

What we offer

Zimperium provides a dynamic work environment where you can make a significant impact on mobile security. You will have the opportunity to work with cutting-edge technologies and contribute to innovative solutions that protect users from advanced mobile cyberattacks. We encourage you to apply even if your experience doesn't match every requirement, as we value diverse perspectives and backgrounds in our team.

We offer competitive compensation and benefits, along with opportunities for professional growth and development. Join us in our mission to provide world-class mobile threat defense solutions and help shape the future of mobile security.