Job Title: Staff Security Engineer, Cloud Security Engineering
Role Summary
We are seeking a highly experienced Staff Security Engineer to join our Cloud Security Engineering team. The successful candidate will have expertise in cloud security engineering across AWS, Azure, and GCP.
The Role
This is a strategic and hands-on role that requires the ability to design, implement, and maintain secure cloud environments. You will be responsible for managing asset inventory and vulnerabilities, driving application security, and penetration testing initiatives. As a key member of our security team, you will play a crucial role in ensuring our cloud-native and distributed systems are secure by design.
Key Responsibilities
1. Cloud Security: Architect and implement security controls across AWS, Azure, and GCP environments.
2. Asset Inventory: Develop and manage systems to continuously track and secure cloud and on-prem assets.
3. Vulnerability Management: Identify, prioritize, and drive remediation of vulnerabilities across infrastructure and applications.
4. Application Security: Perform code reviews, threat modeling, and support DevSecOps integration in CI/CD pipelines.
5. Penetration Testing: Plan and conduct internal penetration testing and coordinate with third-party testers.
6. Automation & Tooling: Build security tooling and automation to enhance detection and response capabilities.
7. Collaboration: Work with engineering and DevOps teams to embed security best practices across services and deployments.
8. Compliance Support: Ensure alignment with internal policies, industry best practices, and regulatory requirements.
Your Background
To be successful in this role, you will need:
1. Extensive years' experience in cybersecurity, with deep experience in cloud and application security.
2. Cloud Platforms: Strong hands-on experience with AWS, Azure, and GCP security tools and architecture.
3. Technical Expertise: Knowledge of network protocols, identity and access management, encryption, and secrets management.
4. Tools & Languages: Experience with vulnerability scanners, SAST/DAST tools, Infrastructure-as-Code (Terraform, CloudFormation), and languages such as Python or Go.
5. Certifications: Relevant certifications (e.g., AWS Security Specialty, GCP Professional Cloud Security Engineer, CISSP, OSCP) are a plus.
6. Communication: Strong written and verbal communication skills; able to influence and educate technical and non-technical stakeholders.
About Us
Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We're a customer-focused and driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly 'culture-add', and we strongly encourage people from all walks of life to apply.
We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. Apply today and explore your future at Proofpoint.