Senior SecOps Engineer

Cloudinary is looking for a Senior SecOps Engineer to be our eyes and ears on security—end to end.
You’ll be embedded in the DevOps team and partner with our existing SecOps engineer to secure massively scalable, global production systems that power tens of thousands of websites and apps, while also tackling organizational security across identity, endpoints, SaaS, and risk. This is a hands‑on role with broad ownership and real impact across R&D, Production, and the business.
What You’ll Do
Detect, protect, and respond (hands‑on)
Own day‑to‑day security operations for cloud and Kubernetes workloads (threat detection, alert triage, incident response, forensics, and post‑incident learning).
Build and tune detections and automations (SOAR/runbooks, detection‑as‑code, Sigma/queries) to reduce MTTA/MTTR and eliminate noisy alerts.

Secure our delivery pipelines & runtime
Harden CI/CD and software supply chain (secrets, SBOMs, artifact signing, SLSA/Cosign), and drive “secure by default” patterns in build/deploy.
Lead cloud/K8s/serverless hardening (IaC reviews, policy‑as‑code, admission controls, least privilege, network segmentation)

Raise the bar across the organization (beyond prod)
Partner with IT/SRE to evolve identity & access (SSO/MFA/JIT/JEA), endpoint/EDR posture, email & SaaS security, and third‑party/vendor risk.
Run vuln management end‑to‑end: scanning, prioritization, remediation SLAs, and executive reporting.
Contribute to security governance (policies, standards, tabletop exercises, BCP/DR inputs) and support compliance efforts (e.g., SOC 2/ISO 27001).

Influence, automate, and measure
Build security tooling and integrations (preferably Python or Go) that engineers love to use.
Define metrics/KPIs (coverage, drift, exposure, response times) and regularly communicate risk & progress to engineering and leadership.
Mentor engineers on secure design and champion a positive, enablement‑first security culture.
What You’ll Bring
5+ years in Security Operations/Cloud Security/Blue Team roles, with deep, hands‑on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch) and Kubernetes/containers.
Strong incident response skills across detection, investigation, containment, and recovery especially in complex cloud-native environments.
Proficiency building security automations and tools in Python or Go; experience with SOAR and API‑driven workflows.
Practical expertise with SIEM/log analytics (e.g., ELK/OpenSearch, Splunk), EDR, CSPM/CNAPP, and secrets management (e.g., Vault).
Solid grasp of CI/CD security, supply‑chain risks (SAST/DAST/IAST, dependency scanning, artifact signing), and IaC (Terraform) security reviews.
Networking & Linux fundamentals; proven ability to partner with DevOps/SRE/R&D and to communicate risk clearly to non‑security stakeholders.
Willingness to participate in a shared on‑call rotation for security incidents.