Cloud Security Engineer

About us

APIs form the foundation of the application innovation needed to drive business success today. Across sectors such as banking, retail, transportation, IoT, autonomous vehicles, and smart cities, every web and mobile app depends on APIs. Without secure APIs, businesses cannot rapidly innovate. Salt Security has delivered the only patented solution to identify and prevent API attacks, using Big Data and AI to thwart this top threat to businesses today.

About the position

We are seeking a Cloud Security Engineer with a strong focus on DevSecOps to join our growing team. This senior-level position will play a key role in securing our cloud infrastructure and ensuring the protection of our critical data. The role involves not only the day-to-day operation and maintenance of our cloud and SaaS security systems but also the development and implementation of advanced security measures across the organization.

You will be responsible for leading the security strategy and incident response processes, ensuring compliance with security frameworks, and driving initiatives related to RFQs and vendor management in relation to security standards. The ideal candidate will have expertise in public cloud security, incident response, compliance management, and DevSecOps practices.

What will you do:

• Lead the design and implementation of security measures, including firewalls, intrusion detection systems, and access controls for cloud environments.
• Manage incident response processes, ensuring timely identification, containment, and resolution of security incidents.
• Ensure compliance with security policies and industry standards for RFQs, contracts, and regulatory requirements (e.g., SOC 2, ISO 27001).
• Provide expertise and support for SaaS security, Cloud security, ZTNA systems, DLP, CASB, SIEM
• Collaborate cross-functionally to integrate security into all aspects of our IT & Security infrastructure and operations, particularly in cloud environments.
• Develop and maintain documentation for security systems, procedures, and response plans to ensure effective governance and audit-readiness.
• Monitor security alerts, vulnerabilities, and compliance gaps, ensuring the appropriate response mechanisms are in place and addressing risks proactively.
• Stay current on security trends, technologies, and best practices, leveraging automation, orchestration, and DevSecOps tools to streamline security operations.

Who You Are?

• 3-5 years of hands-on experience in Cloud Security or Security Engineering, with a focus on SecOps in public cloud environments.
• Strong background in incident response and the management of security events, including post-incident analysis and reporting.
• Expertise in public cloud platforms such as AWS, GCP, or Azure, with practical experience in configuring and securing cloud environments.
• Proven ability to integrate DevSecOps practices, with a focus on automating security controls within the CI/CD pipeline.
• Expertise in security technologies including SaaS security, ZTNA systems, DLP, CASB, SIEM, and Application Security systems.
• Solid understanding of RFQ compliance, security audit processes, and industry standards.
• Familiarity with vulnerability assessment, penetration testing tools, and techniques for cloud environments.
• Strong problem-solving skills, attention to detail, and the ability to drive change within a complex environment.
• Excellent communication skills and experience leading projects with cross-functional teams.

Preferred (but not mandatory) experience:

• Experience with GCP and Azure.
• Familiarity with Security Operations Centers (SOC) and Security Information and Event Management (SIEM) platforms.
• Experience with cloud security frameworks, such as NIST 800-53, CIS, and AWS Well-Architected Framework.