Paxos
Engineering Manager, Cloud Security
š° USD 240,217 - 275,543/yr
Job Description
[AI-summarized by JobStash]
You will lead a team of cloud security engineers responsible for securing AWS and Kubernetes infrastructure end-to-end. You will design and implement Zero Trust architectures, harden critical services, and build automated guardrails using infrastructure as code and policy as code. You will act as Incident Commander for high-severity security incidents, drive the cloud and container security roadmap, embed security into CI/CD and service architectures, and collaborate with Platform, SRE, Product, Compliance, Risk, and Legal to maintain and improve security posture. You will also participate in headcount planning, hiring, and mentorship to grow the team and promote security education and documentation across the organization.
Requirements
- ā8+ years of engineering experience including hands-on security engineering work on cloud or application security
- ā2ā3 years of experience as an engineering manager leading security or infrastructure teams
- āProven experience securing production AWS environments at scale including AWS Organizations, IAM, SCPs, VPC design, Transit Gateways, WAFs, and logging/monitoring
- āHands-on experience securing multi-cluster Kubernetes environments including network policies, admission controllers, service mesh, secrets management, and runtime hardening
- āFluency with Infrastructure as Code such as Terraform or CDK and driving code reviews, testing, and automation for infra changes
- āDeep understanding of security architecture concepts including Zero Trust, mTLS, identity-based perimeters, least privilege, and cloud hardening best practices
- āDemonstrated experience leading incident response as an Incident Commander for major vulnerabilities or breaches
- āProficiency in headcount planning, performance reviews, and mentorship with a clear leadership philosophy
- āExcellent communication skills for explaining complex security risks and trade-offs to technical and non-technical stakeholders
Responsibilities
- āLead and develop a team of cloud security engineers
- āOwn the security posture of AWS and Kubernetes platforms including multi-account AWS Organizations and multi-cluster Kubernetes environments
- āDesign and implement Zero Trust architectures including identity based perimeters, mTLS, network segmentation, and least-privilege access controls
- āEmbed security into infrastructure roadmaps, CI/CD pipelines, and service architectures
- āEstablish and scale infrastructure as code and policy as code practices to build automated guardrails
- āAct as Incident Commander for high-severity security incidents and coordinate technical response and post-incident reviews
- āOwn the security engineering roadmap for cloud and container security
- āCollaborate with Compliance, Risk, and Legal to maintain frameworks like SOC2 and ISO and support customer and regulator inquiries
- āPartner with leadership on headcount planning, hiring, and organizational design
- āChampion security through education, documentation, and cross-team collaboration
Benefits & Perks
- āEquity
- āBonus