Huntress is a fully remote cybersecurity company dedicated to providing enterprise-grade security solutions. They are seeking a Staff Cloud Security Engineer to define the long-term cloud security strategy for their B2B Cloud Security SaaS platform and to influence engineering culture while solving complex security challenges.
Responsibilities:
- Strategic System Design: Define the technical vision for cloud security. You will spearhead the evaluation of emerging cloud technologies and engineer "paved road" patterns that make the secure path the easiest path for our engineering teams
- Cross-Functional Influence: You will act as the bridge between Security, Product, and Engineering. You will not just partner with these teams; you will embed security DNA into their workflows, mentoring Senior and Mid-level engineers, and driving consensus on critical design decisions across the organization
- Scalable Threat Modeling: Move beyond reviewing pitches. You will establish frameworks that enable engineering teams to self-assess their risks. You will tackle the most complex and high-risk system design changes, ensuring that privacy and security are addressed at the whiteboard stage, not during testing
- Advanced Threat Resilience: You will design self-healing and resilient infrastructure capabilities. You will lead the technical strategy for incident response readiness, implementing sophisticated runtime detection, automated containment, and forensic capabilities that scale with our customer growth
- Risk-Based Vulnerability Governance: You will evolve our vulnerability management from "scanning and ticketing" to a risk-based intelligence program. You will develop automated prioritization models that contextualize vulnerabilities based on asset criticality, enabling the business to focus on what truly matters
- Automated Compliance & Governance as Code: You will own the roadmap for cloud security governance. You will drive the shift toward "Compliance as Code," ensuring that our controls are monitored, audited, and remediated programmatically, minimizing manual toil
Requirements:
- The 'Force Multiplier' Mindset: You don't just solve problems; you create solutions that empower others to solve problems. You have a track record of elevating the technical maturity of the teams around you
- Value Documentation: You recognize documentation as a critical tool for showing impact and value. You effectively detail security recommendations, process improvements, architectural decisions, and innovative ideas to ensure clarity and organizational buy-in
- Strategic SaaS Experience: You have deep experience in high-growth B2B SaaS environments. You understand how to align security initiatives with business velocity, ensuring security is an enabler, not a blocker
- High-Level Technical Communication: You can explain a complex RCE vulnerability to a developer and then immediately pivot to explaining the business risk of that vulnerability to a VP. You document not just the 'how,' but the 'why.'
- Expert-Level Infrastructure-as-Code: You don't just use Terraform/Spacelift; you structure modular, reusable, and secure IaC libraries. You treat infrastructure as software and apply software engineering best practices (testing, versioning, CI/CD) to security
- Software Engineering Proficiency: You go beyond simple scripting. You are comfortable building robust internal tools, APIs, and automation using Python, Go, or similar languages to integrate disparate security systems
- Deep Cloud Mastery: You possess top-tier expertise in AWS and Azure. You understand the nuances of IAM, networking, and container security (Kubernetes/ECS) at an advanced level
- Incident Command: You have the composure and expertise to lead technical response efforts during critical security incidents, leveraging advanced forensics and query languages (SQL, Splunk, KQL) to hunt through massive datasets
- Remote-First Collaboration: You are an excellent communicator, capable of thriving and driving initiatives in a distributed, asynchronous work environment