Staff Cloud Security Engineer

Huntress is a remote-first team founded in 2015 by former NSA cyber operators, dedicated to making enterprise-grade cybersecurity accessible to businesses of all sizes. They are seeking a highly skilled Staff Cloud Security Engineer to secure their cloud-native infrastructure and ensure the platform remains secure and resilient for their growing customer base.

Responsibilities:

• Product Security: Huntress is a B2B SaaS company providing a range of cybersecurity services to our partners and customers. You will be a key member of the internal product security team and help drive effective security detection and response across our production platform. A requirement for this role is having worked at a B2B SaaS company that provides cloud-hosted services to customers. You are right at home interacting with developers who work in SaaS production environments
• Secure Cloud Architecture: You will design, evaluate, and implement architectural security standards for our AWS, Azure, and PaaS cloud platforms. You’ll be a key stakeholder when we onboard new technologies or modify existing ones to meet business goals and objectives
• DevSecOps Collaboration: Partner directly with internal DevOps and Platform teams to build security into every stage of the infrastructure-as-code lifecycle. You are comfortable engaging via PRs and reviewing IaC/HCL/DSL configurations
• Threat Modeling: You are comfortable reviewing architecture and product development pitches, leveraging your extensive security knowledge to ensure security and privacy by design
• Platform Vulnerability and Risk Management: You'll manage a robust vulnerability management program specifically tailored to our cloud environments. This entails triaging high-severity alerts and coordinating with internal teams to drive mitigations or remediations
• Threat Detection & Response: You will develop strategies to respond to and recover from security incidents affecting the Huntress platform. You'll also implement tools, including runtime and build-level controls, to assist in threat detection and prevention
• Own Security Compliance: This role will have the primary responsibility of owning cloud security controls end-to-end, including the design, monitoring, and remediation of control failures

Requirements:

• Experience working at a B2B SaaS company that provides cloud-hosted services to customers
• Ability to design, evaluate, and implement architectural security standards for AWS, Azure, and PaaS cloud platforms
• Experience partnering with internal DevOps and Platform teams to build security into the infrastructure-as-code lifecycle
• Comfort with reviewing architecture and product development pitches for security and privacy by design
• Management of a robust vulnerability management program tailored to cloud environments
• Development of strategies to respond to and recover from security incidents
• Primary responsibility for owning cloud security controls end-to-end, including design, monitoring, and remediation of control failures
• Flexible security mindset with a risk-based approach to solving security risks and challenges
• Experience working within a fast-paced SaaS company and understanding unique security challenges of a cloud-first environment
• Recognition of documentation as a critical tool for showing impact and value
• Comfort with IaC tools such as Terraform / Spacelift and other engineering tools like CircleCI and Git
• Proficiency with a scripting language such as Python or Go
• Effective collaboration and communication skills both cross-functionally and functionally
• Extensive knowledge of AWS and/or Azure and other cloud platforms
• Working knowledge of incident response processes and strategies
• Familiarity with computer forensic tools and methods
• Familiarity with a query language (jQL, SQL, Splunk, etc.) for data analysis during incidents
• Excellent communication skills for thriving in a distributed, asynchronous work environment