Cloud Security Engineer

job summary:

A rapidly growing, award-winning fintech innovator is seeking a Senior Cloud Security Engineer to drive the architectural design and hands-on implementation of our next-generation cloud security controls. Operating in a "cloud-first" ecosystem, you will serve as a senior technical advisor across the platform engineering and software development departments to secure our production and data platform environments. This is a 100% remote direct-hire position (work from anywhere in the U.S.) that balances strategic architectural collaboration with hands-on automation. Comprehensive premium benefits for this position include top-tier medical, dental, and vision insurance options.

location: Telecommute

job type: Permanent

salary: $170,000 - 190,000 per year

work hours: 9am to 5pm

education: Bachelors



responsibilities:

Take absolute technical ownership of architecting, rebuilding, and hardening our multi-cloud infrastructure, with an immediate, heavy focus on our Google Cloud Platform (Google Cloud Platform) data science, ML, and data warehousing stacks.

Consult directly with software development and engineering teams during early-stage architectural discussions, acting as a trusted advisor to scope and embed preventive security controls into new system designs.

Build, test, and implement robust security automations and scripts in Python or Go to systematically eliminate misconfigurations and handle vulnerability management.

Re-engineer network boundaries and micro-segmentation policies within Amazon Web Services (AWS) production infrastructure to proactively mitigate data exfiltration risks.

Bring the foundational Google Cloud Platform environment into an Infrastructure as Code (IaC) framework using Terraform, establishing access control hierarchies and compartmentalizing resources to prevent public internet exposure.

Collaborate closely with senior leadership to design modern identity management, authentication, and encryption protocols that safeguard sensitive customer records.

Hand off outputs from custom security automation tooling to junior operational analysts, defining operational consumption models to scale platform defenses.

qualifications:

Must-Haves

7+ years of dedicated information security experience, with a clear focus on implementing and designing controls within a cloud-first, fast-paced environment.

Direct, expert-level experience hardening and configuring Google Cloud Platform (Google Cloud Platform) environments, specifically around data services like BigQuery.

Hands-on engineering proficiency within Amazon Web Services (AWS) ecosystems supporting software production deployments.

Demonstrated capability to write automation scripts from scratch utilizing Python or Go.

Strong working proficiency with Infrastructure as Code (IaC) frameworks, preferably Terraform, to manage cloud infrastructure definitions.

Prior operational experience standing up cloud security controls from the ground up within small-to-medium-sized organizations or hyper-growth consumer fintech applications.

Legally authorized to work in the United States without current or future visa sponsorship.

Excellent communication and consensus-building skills with a stable professional tenure (no patterns of hyper-frequent job hopping).

Nice-to-Haves

Prior professional background operating within a Red Team, penetration testing, or vulnerability research environment.

Active industry security certifications such as Certified Cloud Security Professional (CCSP) or advanced cloud vendor security credentials.

Familiarity with securing data pipelines, cloud warehouses, and foundational data science/ML models.

Skills

Google Cloud Platform (Google Cloud Platform) Hardening

Amazon Web Services (AWS) Infrastructure Security

Python or Go Scripting & Automation

Terraform & Infrastructure as Code (IaC)

Threat Modeling & Architectural Assessment

Identity & Access Management (IAM) Architecture

Data Exfiltration Prevention & Network Security

Stakeholder Consultation & Advisory

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.


It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.