Senior Cloud Security Engineer

What we are looking for

We’re searching for a Senior Cloud Security Engineer. You will be part of the Cloud Security engineering team dedicated to building resilient, automated security systems at scale. 

Cloud security collaborates with infrastructure and application teams closely. The areas we cover are infrastructure security, workload security, and CI/CD hardening.

Our team is dedicated to building resilient, automated systems at scale. We take a hybrid approach to our toolkit: we utilize the best of open-source (OPA, Trivy, Spire) and COTS products, while still writing custom code to automate workflows and harden our global digital integrity. You’ll help us strike the perfect balance between leveraging existing solutions and building custom ones from the ground up.

In this role you will

• Secure Aurora’s cloud environment in the areas of but not limited to:
• Manage IAM roles and policies
• Enforce security controls
• Construct security boundaries for resources and services
• Provide security guidance involving Cloud and Kubernetes
• Create automation to solve security problems at the root
• Design, build, and configure security infrastructure clouds such as like AWS, Azure, or GCP
• Manage the security posture of workloads deployed on Kubernetes environments

Required qualifications

• 5+ years of progressive experience in security engineering
• Understanding of fundamental security concepts such as Authentication, Authorization, Zero-Trust, and their application to cloud native infrastructure and applications. 
• Hands-on experience in securing cloud and Kubernetes environments. Experience with Kubernetes admission controllers, vulnerability management, supply-chain security, network security, and use of mTLS and PKI to secure infrastructure.
• Ability to design and implement security controls for Kubernetes, including strong knowledge of authorization models, admission controllers, and security best practices.
• Understanding of modern Identity and Access Management (IAM) standards and technologies such as OAuth2/OIDC, SAML.
• Proficiency in at least one modern programming/scripting language (e.g., Python or Go) for building security automation.
• Experience writing and using Terraform.

Desirable qualifications

• Deep fundamental understanding of enterprise-level network security, operating system (Linux), Kubernetes, CI/CD, and application security principles.
• Familiarity with compliance frameworks (e.g., SOX, SOC 2, ISO 27001).
• Familiarity with machine identity frameworks like SPIFFE/SPIRE, mTLS or equivalent.

The base salary range for this position is $162,000 - $235,000 per year. Aurora’s pay ranges are determined by role, level, and location. Within the range, the successful candidate’s starting base pay will be determined based on factors including job-related skills,