Cloud Security Engineer

About Port

At Port.io, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.

We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents.

By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI-assisted engineering workflows while maintaining control and accountability.

As a product-led company, we believe in building world-class platforms that fundamentally shape how modern engineering organizations operate.

Why we're looking for you:

We’re looking for a Cloud Security Engineer to help us build and run a security foundation that scales - across the Cloud, our platform, and our detection/response stack. This role is a key partner to engineering, IT and GRC, owning security integrations and automations that reduce risk without slowing teams down.

As we scale rapidly, we need someone who can ship security improvements (not just write docs): tighten AppSec, mature vulnerability management, improve SIEM signal quality, and be a strong operator during incidents. You’ll also help us secure emerging AI capabilities—LLMs, Agents, and MCP-based integrations - with practical guardrails and clear patterns.

This is a hands-on role for someone who can balance building (automation, controls, detections) with operations (triage, incident response, vuln remediation). You’ll work closely with engineering teams to embed security into day-to-day delivery.

What you'll do:

• Own Cloud and Corporate security end-to-end: IAM, logging, network controls, encryption, secrets, plus scalable guardrails and detections across accounts/environments.
• Build integrations and automations that make security run at scale: CI/CD hooks, auto-triage/enrichment, ticketing, and pragmatic auto-remediation.
• Drive AppSec in practice: threat modeling + secure design reviews, run/tune scanning (SAST/SCA/secrets/IaC/API as needed), and work with engineers to fix root causes fast.
• Run vulnerability management with real outcomes: risk-based prioritization, SLAs, validation of fixes, reduced false positives, improved coverage.
• Operate detection and response: SIEM content/log onboarding, alert quality (signal > noise), correlation/enrichment, and incident handling from triage to postmortem.
• Secure AI features (LLMs, agents, MCP): guardrails for tool execution, strong authN/authZ and data boundaries, mitigation for prompt/tool abuse and data leakage, and monitoring you can trust.

Who you'll work with:

You’ll report direclty to the CISO under the CIO team.

You’ll work day-to-day with engineering, platform/infra, and IT. You’ll partner closely with Security leadership (and GRC/Compliance where relevant) to align practical controls with business needs. During incidents, you’ll coordinate with relevant technical owners and drive crisp execution.

Requirements:

• 4+ years hands-on experience in security engineering (or equivalent)
• Strong AWS security knowledge (IAM, logging/monitoring, KMS/encryption, network controls, secrets)
• Strong application security fundamentals and real experience getting issues fixed with engineers
• Experience running vulnerability management with risk-based prioritization and measurable improvement
• Incident response experience (investigation, containment, postmortems—not just “was on a rotation”)
• SIEM/alerting experience: log onboarding, detection engineering, tuning, triage workflows
• Ability to build automations/integrations using Python (preferred) and APIs management.
• Solid grasp of core security concepts: least privilege, authN/authZ, secure SDLC, IAM, network fundamentals

Nice to have (Advantages):

• Infrastructure-as-code and policy-as-code experience
• Kubernetes/container and serverless security experience
• SOAR experience (or strong custom automation patterns for response workflows)
• Experience mapping detections to MITRE ATT&CK and running a structured detection lifecycle
• Hands-on AI security experience in production systems (LLM gateways, agent sandboxing, evals/red teaming)
• Security certs