Senior Cloud Security Engineer

Semperis Ltd.

Job Overview

Location

Los Angeles, Texas, USA

Job Type

Full-time

Full Job Description

📋 Description

• Join Semperis, a recognized leader in cybersecurity and a multi-year Inc. Best Workplace awardee, as a Senior Cloud Security Engineer and play a pivotal role in safeguarding enterprises against evolving cyber threats. Our mission, 'A Force for Good,' extends to fostering an exceptional employee experience where purpose, growth, and balance are paramount. As we continue to scale our cloud footprint and expand our regulated offerings, we are seeking a highly skilled engineer to enhance our Cloud Security team.
• This role is uniquely focused on proactive and preventative security measures, rather than incident response. You will be instrumental in designing, building, and maintaining secure cloud foundations across major platforms like Azure, AWS, and GCP, with a deep specialization in at least one. Your expertise will be crucial in establishing secure-by-default cloud architectures and implementing robust security guardrails across our diverse environments.
• A core responsibility will be to own and continuously evolve our Cloud Security Posture Management (CSPM) capabilities. This includes defining, implementing, and enforcing security policies, establishing effective guardrails, and developing automated remediation strategies to address identified vulnerabilities and misconfigurations swiftly and efficiently.
• You will engineer and maintain critical cloud network security controls. This involves implementing sophisticated network segmentation and isolation strategies, configuring and managing cloud-native firewalls and security groups, optimizing Application Gateway and Web Application Firewall (WAF) configurations, and ensuring secure ingress and egress patterns are consistently applied across all cloud deployments.
• A significant aspect of this role involves defining and enforcing security best practices for Kubernetes environments, specifically AKS and EKS. You will focus on implementing robust Role-Based Access Control (RBAC), network policies for micro-segmentation, workload isolation techniques, and comprehensive cluster hardening to minimize the attack surface.
• You will collaborate closely with our engineering teams, conducting thorough security architecture reviews for new services, platforms, and significant changes. Your guidance will empower engineering teams to design and implement secure solutions that align with industry best practices and stringent compliance requirements, embedding security early in the development lifecycle.
• Engineering and maintaining advanced identity and access security controls for both cloud and production environments is another key area. This includes implementing the principle of least privilege, managing workload identities, configuring service principals effectively, and enforcing conditional access policies to ensure only authorized access is granted.
• You will contribute directly to our FedRAMP and other regulated environment readiness efforts. This involves implementing necessary controls, automating evidence collection and reporting, and fostering seamless cross-team coordination to meet and exceed compliance mandates.
• A strong emphasis will be placed on building and operating secure cloud automation using Infrastructure as Code (IaC) tools such as Terraform and Bicep, integrating security into CI/CD pipelines, and leveraging policy-as-code frameworks to ensure consistent and secure deployments.
• You will apply a strategic security lens to FinOps initiatives, defining guardrails that effectively balance cost optimization with essential security and compliance requirements, ensuring financial efficiency without compromising safety.
• Developing innovative tooling, automation scripts, and self-service workflows will be vital to reduce manual effort, enhance operational efficiency, and improve consistency across all our security programs.
• As a senior technical partner, you will engage with engineering, IT, and compliance teams, contributing significantly to the long-term cloud security strategy, defining organizational standards, and driving continuous improvement.
• Finally, you will play a crucial role in mentoring junior engineers, sharing your expertise, and actively contributing to raising the overall security maturity and capabilities of the entire organization.

🎯 Requirements

• 6+ years of experience in cloud security, security engineering, or cloud platform engineering roles.
• Strong hands-on experience securing cloud-native environments (Azure preferred).
• Proven experience with cloud network security, including firewalls, WAFs, network segmentation, and secure connectivity patterns.
• Strong understanding of cloud security architecture, including shared responsibility models, secure service design, and defense-in-depth.
• Solid experience with identity and access management in cloud environments (RBAC, workload identity, service principals).
• Strong Infrastructure-as-Code skills (Terraform, Bicep, CloudFormation).
• Ability to script or automate using Python, PowerShell, or similar languages.
• Experience contributing to or supporting compliance programs such as FedRAMP, SOC 2, ISO 27001, or NIST frameworks.
• Hands-on experience securing Kubernetes environments (AKS/EKS) is a strong plus.
• Familiarity with CI/CD pipelines and DevSecOps practices.

🏖️ Benefits

• Be part of a global team at the forefront of cybersecurity innovation.
• Work in a company recognized as one of America’s Fastest-Growing Cybersecurity Companies and a DUNS 100 Top Startup to Work For.
• Opportunities for professional growth and development in a supportive environment.
• Competitive salary and comprehensive benefits package.
• A culture that celebrates curiosity, integrity, and initiative.
• Emphasis on work-life balance and employee well-being.
• Hybrid work model for employees within 45 miles of an office location.

Skills & Technologies

Python

AWS

Azure

GCP

Kubernetes

Senior

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Semperis Ltd.

Visit Website

About Semperis Ltd.

Semperis provides identity-driven cyber resilience for hybrid and multi-cloud environments, specializing in Microsoft Active Directory and Azure AD. Its platform automates threat detection, response, and recovery for identity systems, enabling organizations to prevent, detect, and remediate attacks like ransomware and identity compromise. The company offers real-time monitoring, forensic analysis, and disaster recovery capabilities to ensure continuous business operations. Founded by security experts, Semperis serves enterprises and government agencies worldwide, helping them secure critical identity infrastructure against evolving cyber threats. Solutions include Directory Services Protector, Purple Knight, and Forest Recovery.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.