Staff Cloud Security Engineer

📋 Description

• Develop and implement a comprehensive cloud security strategy, establish architecture standards, and create technical roadmaps for cloud and AI-enabled environments.

• Spearhead the design and deployment of preventative security measures, utilizing automation and AI-driven solutions to minimize risks and enhance detection and response capabilities.

• Design and secure intricate multi-cloud and hybrid systems across AWS, Azure, GCP, and on-premise infrastructures.

• Establish and execute security architecture for AI/ML workloads, covering model pipelines, data protection strategies, and AI-integrated applications.

• Identify and implement controls to address AI-specific risks including prompt injection, data poisoning, model leakage, and adversarial inputs.

• Influence security and engineering methodologies across various teams and departments, promoting the adoption of secure-by-design principles.

• Take ownership of security outcomes for major cloud and AI projects, ensuring effective delivery and quantifiable risk reduction.

• Develop and enhance DevSecOps and Infrastructure-as-Code (IaC) security guidelines, integrating security measures into CI/CD pipelines at scale.

• Promote the adoption and optimization of CNAPP platforms and associated tools to enhance risk visibility and remediation in cloud, container, and AI environments.

• Define and implement security architecture for containerized platforms (Kubernetes/EKS/GKE/AKS), focusing on cluster hardening, workload isolation, image supply chain security, and runtime protection mechanisms.

• Lead the advancement of detection and response capabilities, incorporating cloud telemetry, Cloud EDR, and advanced security analytics.

• Conduct and guide threat modeling and risk assessments (including Attack Surface Management and Data Security Posture Management) for sophisticated cloud-native and AI-enabled systems.

• Architect and deliver automation frameworks and security services to enhance scalability and operational efficiency.

• Provide technical leadership and mentorship to engineers, shaping department-level objectives and technical direction.

⛳️ Requirements

• Bachelor’s degree or equivalent in Computer Science, Information Security, or a related field.

• Demonstrated experience in defining and securing large-scale cloud and hybrid architectures (AWS, Azure, GCP, On-Premise).

• In-depth expertise in cloud security architecture, including IAM, network segmentation, encryption, and secure design patterns.

• Strong programming and automation skills, with the capability to design and scale security engineering solutions.

• Extensive experience in implementing DevSecOps practices and securing Infrastructure-as-Code (IaC) workflows.

• Proficiency in container technologies (Kubernetes, Docker, EKS, GKE, AKS).

• Comprehensive understanding of security risks in AI/ML systems, such as prompt injection, data poisoning, model leakage, and adversarial inputs.

• Experience in leading the implementation and adoption of CNAPP platforms.

• Strong foundation in security prevention, detection, and response strategies.

🏝️ Benefits

• Medical, dental, and vision insurance.

• Matching 401(k).

• Paid time off.

• Wellness program.

• Employee discounts for Sony products.

• Eligible for a bonus package.