Cloud Security Engineer

About the Role Hex Technologies is seeking a skilled Cloud Security Engineer to enhance our security team. In this pivotal role, you will be responsible for safeguarding our cloud infrastructure and ensuring its resilience. You will lead cloud security initiatives and work closely with infrastructure and engineering teams to protect our cloud-native applications. Key Responsibilities: Design, implement, and oversee security solutions and controls for AWS environments and Kubernetes clusters, ensuring effective isolation and sandboxing for Hex’s RCE-as-a-Service platform. Develop, deploy, and maintain infrastructure-as-code utilizing Terraform, while upholding stringent security standards. Perform comprehensive security assessments, threat modeling, and audits on AWS cloud infrastructure and Kubernetes deployments. Collaborate with development and operations teams to integrate security best practices into CI/CD pipelines. Monitor and respond to cloud security incidents, identify root causes, and propose remediation measures. Provide in-depth expertise on compliance requirements related to cloud security, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI DSS. Mentor fellow engineers and advocate for cloud security initiatives throughout the organization. Qualifications: 5+ years of experience in cloud security engineering, particularly with AWS. Proven expertise in Kubernetes security, including cluster hardening, role-based access control (RBAC), network policies, and container vulnerability management. Expertise in Terraform with hands-on experience. Familiarity with AWS security services such as IAM, GuardDuty, Security Hub, CloudTrail, and WAF. Knowledge of CNAPP solutions like Wiz and SIEM solutions such as Panther. Strong understanding of secure software development lifecycle practices, CI/CD security, and DevSecOps methodologies. Relevant certifications such as AWS Certified Security – Specialty, Certified Kubernetes Security Specialist (CKS), and Terraform Associate certification are highly desirable. Additional security certifications from SANS or OffSec are a plus. Exceptional problem-solving, communication, and leadership skills.

About the Role mercor is hiring a Cloud Infrastructure Security Engineer in San Francisco or New York City. This role focuses on protecting cloud-based systems and data across the company. The engineer will design, implement, and monitor security controls to defend cloud infrastructure against threats. What You Will Do Develop and maintain security measures for cloud environments Monitor cloud infrastructure for vulnerabilities and incidents Respond to security threats and support incident investigations Work to ensure compliance with industry security standards Contribute expertise to strengthen overall security posture Location This position is based in San Francisco or New York City.

Role Overview mercor is hiring a Cloud Infrastructure Security Engineer in San Francisco. This role focuses on protecting cloud systems, maintaining data integrity, and applying security protocols to guard against new threats. Collaboration with cross-functional teams is central to designing and maintaining secure cloud environments.

The Senior Cloud Security Engineer role at Aurora Innovation centers on building and maintaining resilient, automated security systems that support the company’s self-driving technology. Based in San Francisco, this position works within the Cloud Security engineering team and collaborates closely with both infrastructure and application groups. Day-to-day work covers a mix of infrastructure security, workload protection, and hardening CI/CD pipelines. The team uses a blend of open-source tools, such as OPA, Trivy, and Spire, alongside commercial products, with an emphasis on custom automation that strengthens Aurora’s security posture. Deciding when to adopt off-the-shelf solutions or develop new ones is part of the job. Key Responsibilities Secure cloud environments by: Managing IAM roles and policies Enforcing security controls Building security boundaries for resources and services Providing security guidance for Cloud and Kubernetes Create automation to address security challenges at their source Design, build, and configure security infrastructure on platforms such as AWS, Azure, or GCP Work with cross-functional teams to implement and maintain security best practices This position values hands-on problem solving, a thoughtful approach to tool selection, and a collaborative mindset. The work directly supports Aurora’s mission to deliver safe and efficient self-driving solutions.

At Lyft, we are dedicated to connecting people and creating a community where every team member feels valued and empowered to reach their full potential.As a pivotal player in transforming how our communities move, Lyft's engineering team is rapidly expanding. We are seeking passionate Software Engineers specialized in Security to join our dynamic Security team. Together, we will enhance our ability to deliver secure services at scale.Lyft is entrusted with the sensitive information of both drivers and passengers, and we take the responsibility of safeguarding that data seriously. Our Security team spearheads initiatives across the organization to protect our systems and uphold user trust.Our work encompasses designing and building a robust security architecture, collaborating with various teams during the development and launch of new products, anticipating potential challenges, and managing security incidents effectively. Our impact spans the entire organization, covering all aspects of the technology stack, including infrastructure, web applications, mobile apps, IT, and even autonomous vehicles. We adopt an engineering-focused approach to security, aiming to automate and streamline our processes while ensuring frequent updates. Explore more about our innovations on our blog at https://eng.lyft.com/tagged/security.The Cloud Security team is dedicated to enhancing Lyft's security posture by architecting a comprehensive security model tailored for our cloud infrastructure, protecting both our employees and intellectual property.As a Senior Software Engineer, you will play a crucial role in shaping this team and driving high-impact security initiatives. Your responsibilities will include leading security reviews, implementing detection measures, addressing vulnerabilities, enforcing the principle of least privilege, and establishing secure configurations for our multi-cloud and container environments.

Join Perplexity as a Senior Cloud Security Engineer and play a pivotal role in transforming how users search and interact with the internet. As a key member of our innovative security team, you will spearhead initiatives to construct and sustain secure and scalable cloud infrastructure, enabling our engineers to innovate swiftly and securely.Core ResponsibilitiesCollaborate with infrastructure and engineering teams to embed security measures into development processes and advocate for secure-by-default practices.Develop Terraform modules that incorporate essential security features, including logging, encryption, and automated threat detection.Implement cloud-native detection capabilities utilizing AWS GuardDuty, Security Hub, and tailor-made detection rules to uncover credential breaches, crypto-mining, and lateral movements.Ensure compliance with SOC 2 Type II and ISO 27001 by automating the collection of cloud control evidence.Conduct security assessments of cloud resource configurations using tools like AWS Config and Open Policy Agent, addressing discrepancies in line with CIS Benchmarks and internal security policies.Fortify CI/CD and supply chain pipelines through controls such as artifact signing, secret scanning, and dependency monitoring.Implement zero trust principles via stringent network segmentation, authentication, and authorization across cloud environments.Engage in security on-call rotation, responding to security alerts and incidents for prompt resolution and root cause analysis.

CoreWeave is seeking a Security Engineering Manager to lead the Platform Security team. This position is based in Livingston, NJ, New York, NY, Sunnyvale, CA, Bellevue, WA, or San Francisco, CA. The team’s mission is to embed security into CoreWeave’s Kubernetes-based platform and public cloud environments, supporting high-performance infrastructure for AI and machine learning workloads. Role overview This manager will oversee and expand the Platform Security engineering team, reporting to the Senior Director of Security Foundations. The focus is on hands-on leadership and technical execution, with an emphasis on building and implementing security controls rather than policy development. The role requires close collaboration with Infrastructure, Platform Engineering, Site Reliability Engineering, and other security teams to ensure security measures keep pace with business growth and evolving needs. What you will do Lead and grow the Platform Security engineering team. Integrate security into Kubernetes infrastructure and public cloud platforms such as AWS, GCP, and Azure. Define and execute strategies for cloud security posture, workload isolation, platform guardrails, image integrity, and multi-cloud security. Develop and implement security controls across CoreWeave’s infrastructure. Work closely with other technical teams to align platform security with business needs. The Platform Security team The Platform Security team at CoreWeave engineers systems that enforce security at the infrastructure layer. Their work spans both CoreWeave’s own Kubernetes-based platform and third-party public cloud environments. The team supports GPU-accelerated infrastructure for demanding AI and machine learning workloads, ensuring that both customer and internal services remain secure as CoreWeave’s global presence expands.

As digital transformation accelerates, the need for robust cloud security solutions becomes vital. Britive stands at the forefront of this evolving landscape, offering an innovative privileged access management platform designed to deliver comprehensive Privileged Access Visibility, Dynamic Privilege Management, and Secrets Governance across diverse cloud environments, platforms, and SaaS applications.Our cutting-edge, patent-pending technology is already in use by numerous Fortune 500 companies, solidifying our reputation as one of the most promising startups in the Cloud Security sector. Founded by seasoned veterans in the CyberSecurity field, Britive is supported by leading venture capital firms, ensuring a solid foundation for growth and innovation.About YouYou are a dedicated Software Engineer eager to create and enhance our multi-tenant SaaS applications on the AWS platform. With a solid software engineering foundation and an in-depth understanding of AWS tools and services, you are ready to contribute from day one. Your positive, proactive attitude and enthusiasm for delivering technical solutions in a dynamic startup environment will be key to your success.Your ImpactKey Responsibilities:Design and develop a large-scale application stack operating on AWS.Collaborate with cross-functional teams to implement new features and enhancements.Maintain and optimize existing systems for improved performance and scalability.Ensure high-quality code through best practices and thorough testing.

Join Hive as a Cybersecurity Engineer and play a pivotal role in fortifying our security infrastructure. We are seeking a proactive and skilled individual with a strong background in information security. In this role, you will be responsible for safeguarding sensitive company data, managing potential security incidents, and implementing robust security and data governance measures. You will collaborate across various teams to lead security operations, conduct risk assessments, respond to incidents, and maintain security projects. Our ideal candidate is passionate about AI and committed to enhancing our security framework to meet evolving challenges.

RDQ226R609 - This position is open to candidates located anywhere in the United States. At Databricks, we are passionate about empowering data teams to tackle the world’s most challenging issues, from detecting security threats to advancing cancer drug development. We achieve this by building and operating an exceptional data and AI infrastructure platform, allowing our clients to concentrate on the critical challenges that define their missions. As a key member of the Security Continuous Monitoring team, you will be instrumental in developing and scaling Databricks Security systems on our platform. Your responsibilities will include designing, testing, and implementing data pipelines to evaluate the security configurations of Cloud, SaaS, and on-premise tools. You will create and deploy reliable supporting security tools for managing and assessing security posture, integrate with third-party applications, and engage with cloud APIs (AWS, Azure, GCP, Terraform). You will lead and oversee projects from conception to completion, facilitating data collection and integration with our vulnerability and threat detection initiatives. In this role, you will be an individual contributor on the Security Continuous Monitoring team, reporting directly to the Director of Continuous Monitoring.

Location: San Francisco Transforming Security for Developers.At Aikido, we recognize that traditional security tools are outdated and cumbersome, often impeding development workflows instead of enhancing them. Our mission is to create developer-centric security solutions that effectively minimize risk while allowing teams to focus on delivering exceptional software. We prioritize what truly matters, automating the rest to streamline the development process.Since our inception in 2022, we have gained significant traction, securing $85 million in funding and achieving unicorn status. Our vision is to build self-securing software, and we invite you to be part of our all-star team that thrives on innovation, ownership, and impact.We are seeking a dynamic Cloud Advocate to strengthen Aikido's presence within the cloud and security communities. This pivotal role acts as a bridge between our product team and the community, helping engineers and security teams grasp the significance of our innovations. You will translate intricate concepts related to code, cloud, and runtime security into engaging content and foster meaningful dialogues within the community.If you have a background as a cloud engineer, DevOps engineer, or in a technical customer-facing capacity, and you possess a passion for knowledge sharing and community engagement, we would love to hear from you.

At Thinking Machines Lab, our mission is to empower humanity by advancing collaborative general intelligence. We are dedicated to building a future where everyone can access the knowledge and tools necessary to harness AI for their unique needs and objectives.We are a team of scientists, engineers, and builders who have developed some of the most widely used AI products, including ChatGPT and Character.ai, and contributed to open-weight models like Mistral, along with popular open-source projects such as PyTorch, OpenAI Gym, Fairseq, and Segment Anything.About the RoleWe are seeking an Infrastructure Engineer to take charge of evolving the security infrastructure that supports our foundational models. In this pivotal role, you will collaborate across computing, storage, networking, and data platforms to ensure our systems remain secure, reliable, and scalable. You will design controls, architecture, and tooling that embed security into the platform's core functionalities. Working closely with research and product teams, you will enable them to operate swiftly while safeguarding our models, data, and environments.Note: This is an "evergreen role" that we maintain for ongoing interest. While we receive numerous applications, there may not always be an immediate position that perfectly matches your skills and experience. We encourage you to apply, as we continuously assess applications and reach out to candidates when new opportunities arise. Feel free to reapply if you gain more experience, but please refrain from applying more than once every six months. Additionally, we occasionally post openings for specific roles to meet project or team-specific needs, and in those cases, you are welcome to apply directly in conjunction with this evergreen role.What You’ll DoDesign security patterns for platforms and services, including network segmentation, service-to-service authentication, RBAC, and policy enforcement in Kubernetes and cloud environments.Oversee identity, access, and secrets management for users and services: workload and cross-cloud identity, least-privilege IAM, and secrets management.Create secure platforms for data ingestion, processing, and curation, encompassing classification, encryption, access controls, and safe sharing practices across teams.Develop threat models and review designs with researchers and engineers to facilitate safe and scalable feature launches.Automate security checks and implement guardrails: policy-as-code, secure infrastructure baselines, CI/CD validation, and tools that streamline secure operations.

About UsXOXO AI is an innovative research laboratory dedicated to shaping the future of intelligence for everyday life. Our dynamic team of skilled engineers, designers, and researchers is committed to discovering transformative solutions for challenges that extend beyond the workplace.Following a significant breakthrough in infrastructure, architecture, and model layers, we are on the lookout for dedicated builders to develop the interface and application layer that will actualize our visionary goals.About the RoleWe are seeking a seasoned Security Engineer to safeguard our systems and uphold user trust. Your role will involve fortifying our cloud infrastructure, enforcing access restrictions, and establishing tools and response mechanisms that ensure security as we scale. Collaborating with the founders and our engineering team, you will embed security as a fundamental principle in our development processes.What You’ll DoCollaborate with engineering, product, and research teams to integrate security throughout the development lifecycle, including threat modeling, design reviews, and secure defaults.Strengthen cloud infrastructure and enforce network topology standards such as subnets, firewalls, routing, and organizational security policies.Implement isolation and segmentation strategies to limit potential damage and prevent lateral movement.Develop and maintain security tools and automation for engineers, including CI/CD checks, scanning, and guardrails, driving findings to remediation.Enhance observability, detection, and incident response for security-related events such as intrusions, abuse patterns, DDoS attacks, and bots, ensuring rapid containment.Design and manage identity and access management systems for both users and services, alongside third-party integration controls, prioritizing private connectivity and the principle of least privilege.

Role OverviewAt Variance, we are at the forefront of teaching machines to execute high-stakes judgment calls on a large scale. This involves developing AI agents that navigate the complex domains of risk investigations, fraud detection, and identity verifications.Our San Francisco-based team is small yet exceptionally talented, comprising former founders and specialists from leading AI laboratories. We cater to an impressive clientele, including Fortune 500 companies, global marketplaces, and regulated financial institutions. If you are passionate about taking ownership, working swiftly, and collaborating closely with founders, you will thrive in our environment.We are seeking a Security Engineer to help establish a robust security foundation. You will collaborate across product, infrastructure, and internal systems to ensure that Variance is secure by design, enabling us to meet the rigorous standards needed to deploy AI in critical workflows for the world’s largest corporations.

About Cogent SecurityCogent Security is at the forefront of cybersecurity innovation, leveraging Applied AI to develop next-generation AI agents. In an era where cyber attacks evolve rapidly, our AI Taskforce analyzes vast amounts of enterprise data to proactively address vulnerabilities and prevent critical breaches.We combine pioneering research with practical execution, ensuring that our innovative solutions meet real-world challenges. Our Cogent Research division acts as our dedicated AI lab, driving the development of advanced security workflows.Since our emergence from stealth mode, we have rapidly grown, collaborating with Fortune 500 companies to secure complex production environments globally.Supported by Greylock, we have gathered a team of top talent from renowned institutions and leading organizations in the AI and cybersecurity sectors.About the RoleAs an Agent Engineer at Cogent Security, you will be pivotal in designing, building, and deploying critical AI agents tailored for complex client environments. Your role is highly cross-functional, involving direct collaboration with customers to understand their unique needs, adapting our platform accordingly, and iterating on scalable solutions to handle millions of real-world security events.You will manage projects from inception to deployment, including data onboarding and integrating feedback into our core agent platform. Your contributions will shape how AI agents detect threats, triage incidents, and automate security workflows for some of the most sophisticated organizations worldwide.This position is ideal for engineers who excel in dynamic environments, enjoy tackling complex technical challenges, and wish to see the tangible impact of their work.

Join Discord, a platform cherished by over 200 million users monthly, where gaming is at the heart of our community. With more than 90% of our users engaging in games, they collectively spend 1.5 billion hours enjoying thousands of unique titles on Discord every month. Our commitment is to enhance the gaming experience by facilitating enjoyable interactions before, during, and after gameplay.At Discord, we empower individuals to connect within diverse communities, and our users trust us to safeguard their conversations. Our Platform Security Engineering team is dedicated to fortifying the systems that underpin Discord, ensuring that the "secure way" becomes the "easy way." We are seeking a Staff Software Engineer to drive this mission forward through your security expertise, software development skills, and operational excellence. In this technical leadership role, you will identify and pursue impactful opportunities to mitigate security risks across our Engineering teams. You will design and implement user-friendly "paved paths" for managing identities, deploying code, configuring cloud infrastructure, and operating services effectively.If you are a security engineer with a profound curiosity, keen on tackling technically and socially complex projects, and motivated to enhance security and privacy at Discord, we encourage you to explore this opportunity further!

Join Perplexity, a pioneering organization at the forefront of AI and technology, as we seek a talented and proactive Offensive Security Engineer. In this critical role, you will be part of our innovative security team, adopting an adversarial mindset to fortify our infrastructure, applications, and AI systems. Your expertise will drive red team operations, penetration tests, and attack simulations across various environments—including our cloud infrastructure, web, and mobile applications. You will actively identify vulnerabilities before they can be exploited by adversaries, collaborating closely with engineering teams to implement effective remediations.Key ResponsibilitiesPlan and execute red and purple team engagements, simulating advanced threat actors across our cloud services (AWS, Kubernetes), endpoints, and application surfaces.Conduct thorough and ongoing penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services.Evaluate AI/ML-specific attack surfaces, tackling challenges such as prompt injection, model exfiltration, agent abuse, tool exploitation, and security boundaries of MCP.Develop and maintain custom offensive security tools, exploits, and automation to enhance the efficiency and scope of security testing.Perform open-scope adversary simulations to test detection and response capabilities, working closely with the defensive security team.Lead threat modeling sessions with engineering teams to identify and prioritize potential attack vectors in new features and architectures.Provide clear and actionable insights to both technical and executive audiences, collaborating with engineering teams to validate remediation efforts.Contribute to securing CI/CD pipelines, ensuring supply chain integrity, and managing secrets through offensive assessments.Remain informed about emerging attack techniques, vulnerability research, and adversarial tactics, bringing fresh insights to Perplexity's security strategy.

About Us:At Parafin, we are dedicated to empowering small businesses, which are the foundation of our economy. Traditional banking solutions often fall short in supporting these enterprises, and that's where we come in. We create technology that simplifies access to essential financial tools for small businesses through their existing sales platforms.We collaborate with notable partners such as DoorDash, Amazon, Worldpay, and Mindbody to provide fast, flexible funding options, spend management solutions, and savings tools to small business users via seamless integration. Parafin handles the complexities of capital markets, underwriting, servicing, compliance, and customer support for our partners.Our team consists of innovators from leading companies like Stripe, Square, Plaid, Coinbase, and Robinhood, all driven by a shared passion for developing tools that foster the success of small businesses. With backing from prominent venture capital firms including GIC, Notable Capital, Redpoint Ventures, Ribbit Capital, and Thrive Capital, Parafin is a Series C company that has raised over $194M in equity and $340M in debt facilities.Join us in creating a future where every small business has the financial resources they need.About the PositionWe are seeking an experienced security-focused engineer to enhance and scale Parafin's security measures across our cloud and platform environments. Our Security and Infrastructure team is responsible for the foundational systems that power all of Parafin—from compute and networking to identity management and compliance. You will play a crucial role in ensuring these systems are secure, reliable, and compliant.In this role, you will design and implement controls, tools, and processes that maintain the resilience and compliance of our infrastructure, all while enabling developers to operate swiftly and safely. You will collaborate closely with various engineering and compliance teams to bolster our approach to access management, application security, threat monitoring, and incident response.

Join Scale AI as a talented Infrastructure Security Engineer, where you'll play a pivotal role in safeguarding the integrity and security of our platform. This position focuses on securing expansive cloud environments, managing and fortifying various compute clusters, and reviewing infrastructure as code. Your proficiency in cloud security, infrastructure automation, and advanced security practices will be crucial in upholding and advancing our security framework.Your responsibilities include:Securing infrastructure across major cloud hosting platforms (e.g., AWS, Azure, GCP).Implementing and maintaining comprehensive security configurations and policies for cloud environments.Conducting regular security assessments and audits to identify vulnerabilities and propose enhancements.Developing and enforcing security best practices for infrastructure automation and orchestration.Collaborating with Developer Experience, IT, and product teams to integrate security into every phase of the infrastructure lifecycle.Reviewing and securing infrastructure as code (e.g., Terraform, CloudFormation).Mentoring team members on infrastructure security best practices and emerging threats.

At Crusoe, we are on a mission to accelerate the accessibility of energy and intelligence for everyone. Join us in creating the infrastructure that enables individuals to innovate boldly with AI, all while maintaining a commitment to scale, speed, and sustainability.Become a key player in the AI revolution through sustainable technology at Crusoe. Here, you will spearhead groundbreaking innovations, make a significant impact, and collaborate with a team dedicated to shaping the future of responsible cloud infrastructure.Role Overview:Crusoe AI is seeking a Senior Product Security Engineer to play a pivotal role in protecting our cloud products and applications, particularly those centered on AI/ML, throughout their entire lifecycle.In this position, you will lead the establishment and enforcement of security best practices within the development lifecycle. Your responsibilities will include performing comprehensive threat modeling, executing security assessments, and working closely with product and engineering teams to strengthen our security posture, ensuring the robustness of our innovative solutions and the protection of customer data.Your Daily Responsibilities:Collaborate with product and engineering teams to embed security best practices into the software development lifecycle.Conduct threat modeling, security architecture evaluations, design assessments, and code reviews for new product initiatives. Perform penetration testing, vulnerability assessments, and security evaluations of product features and systems.Create and implement security automation tools to monitor and test code and software for vulnerabilities.Establish and maintain secure coding protocols and procedures tailored for cloud and Kubernetes environments.Proactively detect and mitigate risks in user-facing processes and critical infrastructure.Lead security education, training, and mentorship initiatives to cultivate a culture of security awareness across all teams.Identify and manage security vulnerabilities, ensuring they are documented, prioritized, and addressed promptly.Qualifications for Success:You possess 4-6+ years of experience in Information Security, with a specialization in application or product security.You have proficiency in cloud platforms such as AWS, GCP, or Azure, and expertise in Kubernetes orchestration as well as automation scripting (e.g., Python).