Cloud Security Engineer

We are looking for a Cloud Security Engineer who approaches compliance with a builder’s mindset. In this role, you will be a force multiplier bridging the gap between security compliance and engineering teams. You are obsessed with solving problems and dissecting inefficient workflows. You won't just write policies; you will build the automated guardrails that enforce them. You will serve as the translator between abstract AI regulations and concrete engineering reality, ensuring that our AI features are built safely without slowing down our shipping velocity. You keep a pulse on the latest AI trends and leverage modern AI coding tools to build internal tools fast, but you are also ready to roll up your sleeves to handle the reality of day-to-day security and compliance work, with a plan to automate it. If you are ready to define what AI-Native Security looks like at a high-growth mission-driven company, this is your role.

• Drive the implementation of technical controls and evidence gathering in collaboration with engineering for compliance standards and frameworks such as ISO 42001 and FedRAMP 20X.
• Manage the daily operational reality of audits, customer questionnaires, and internal IT/Security support requests while relentlessly identifying friction and engineering automated workflows to make these tasks self-service over time.
• Rapidly prototype and ship internal tools, custom Vanta integrations, and scripts using AI-assisted development to close automation gaps and eliminate manual work across Security, IT, and Engineering.
• Work with application, data, infrastructure, and ML engineering teams on implementing secure design patterns and governance best-practices. You will be a trusted technical advisor and doer who speeds up production deployments rather than blocking them by automating processes like AI risk assessments and secure architecture reviews.

Required Skills & Experience

• Proven experience preparing for and participating in GRC related audits (Eg. SOC 2, ISO, FedRAMP, and/or CMMC), including working with auditors and customers to clearly explain the security posture of systems and collecting requirements when there are gaps.
• You actively track the latest AI innovations and automation trends. You use AI to automate processes internally and know how to help ensure product and engineering teams leverage AI in compliance with ISO 42001.
• An engineering mindset that despises manual repetition. You’re driven to understand processes and/or control requirements, propose a solution, and write the code to automate it.
• Hands-on experience securing cloud environments. You understand the security implications of IAM, network policies, container vulnerabilities, etc.
• Strong proficiency in Python and demonstrated ability to move fast using modern AI development tools (e.g., Cursor, n8n, LangChain, etc.) and APIs to ship internal tools/scripts and automations.
• Obsessive attention to detail in written communication. You leverage AI to generate content at speed, but you ruthlessly review and revise for accuracy, nuance, and audience fit. You understand the importance of clear, accurate writing, whether in a policy, audit response, or response to a customer’s security question.

Desired Skills & Experience

• Experience with Vanta or similar compliance automation platforms and knowledge of where they fall short.
• Experience working in both smaller scrappy startups and large structured tech companies.

The target base salary for this position is $125,000 - $145,000 plus company bonus and equity. Final offer amounts are determined by multiple factors including location, local market variances, candidate experience and expertise, internal peer equity, and may vary from the amounts listed above.