Senior Cloud Security Engineer

Job description

Unqork empowers enterprises to accelerate growth by rapidly building, testing, and running applications that are designed to be AI-native. Trusted by the world’s largest organizations in highly regulated industries, these applications become more secure over time while significantly reducing technical debt—allowing businesses to focus on innovation rather than maintenance. Unqork’s customers include Goldman Sachs, Marsh, BlackRock, and the U.S. Department of Health and Human Services.

At Unqork, we value inclusive and innovative thinkers who boldly challenge the status quo. We encourage you to apply!

Role Overview:

You will be part of a team that is passionate about securing Unqork’s Commercial and FedRAMP technology stack.

We are looking for a Cloud Security Engineer who thrives at the intersection of security, automation, and infrastructure. In this role, you will be responsible for the security posture of our multi-cloud environment ( AWS, GCP, and Azure).

You aren’t just an auditor; you are a builder. You will develop automation in python, containerize via Docker, and deploy them to AWS to automate threat detection and response. You will also serve as a key consultant to architects and developers, ensuring our cloud environment remains secure and compliant.

The Impact U will make:

• Multi-Cloud Governance: Monitor and triage security findings across AWS, GCP, and Azure, prioritizing high-risk vulnerabilities and misconfigurations.
• Security Automation: Architect and maintain security automation workflows using Python.
• Posture Management (CSPM): Identify and remediate insecure cloud configurations (e.g., exposed buckets, overly permissive IAM roles, unencrypted data).
• Edge Security: Manage and fine-tune AWS WAF (Web Application Firewall) rules using Terraform(Infrastructure as Code).
• Consultative Partnership: Collaborate with Cloud Architects and Developers during the design phase to prevent security debt and ensure “Secure by Design” principles.

What U bring:

• Experience: 5+ years specifically focused on Cloud Security.
• Coding: Proficiency in Python for security automation and API integrations.
• DevOps Tools: Strong experience with Docker, Terraform, and CI/CD pipelines.
• Platform Knowledge: Deep understanding of AWS (core services), with functional knowledge of Azure and GCP.
• Security Tooling: Hands-on experience with CNAPP/CSPM platforms (specifically Lacework and Qualys).
• Networking: Understanding of cloud networking (VPC peering, Security Groups, Transit Gateways, WAF).
• Preferred Qualifications: AWS Certified Security – Specialty, or equivalent professional-level cloud certifications (GCP Professional Security Engineer / Azure Security Engineer).

Compensation, Benefits, & Perks

💻 Work from home with a remote-first community

🏝 Unlimited PTO (and the encouragement to use it)

📝 Student loan payback program

🏥 100% employer-covered medical, dental, and vision options available to you and your dependents

💸 Flexible Spending Account (FSA)

🏠 Monthly stipend toward your WFH setup, vacation, development and more

💰 Employer-sponsored 401(k) with contribution match

🏋🏻‍♀️ Subsidized ClassPass Membership

🍼 Generous Paid Parental Leave

💲 Hiring Ranges:

• Tier 1: $129,600 - $160,000 base salary
• Tier 2: $116,640 - $144,000 base salary

Unqork employs a market-driven approach to establish compensation ranges. In addition to a base salary, employees may also be eligible to receive a target incentive and company equity in the form of stock options.

An employee’s compensation within the range provided above depends on a variety of factors including, but not limited to, their location, role, skillset, level of experience, and similar peer salaries.

As a remote-first company, Unqork incorporates a geographic differential into our compensation structure, depending on the candidate’s location. We utilize a tiered system—Tier 1 and Tier 2—to accurately reflect local market rates and ensure our compensation packages are both fair and competitive.

Our geographic tiers are defined as follows:

• Tier 1: New York Metro, Seattle Metro, San Francisco Bay Area
• Tier 2: All other US and US territory locations

Unqork embraces a culture of security and privacy awareness by consistently safeguarding sensitive information, adhering to company policies, and actively participating in training and initiatives to protect our data and the privacy of our stakeholders.

Unqork is an equal opportunity employer. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.

#LI-TB1