Description
Sr. Cloud Security Engineer - FedRamp (Dallas, TX)
Team: IT
Location: Dallas, Texas
Commitment: Full time
Workplace Type: hybrid
Zimperium® is an industry leader in enterprise mobile security, being the first and only company to provide a complete mobile threat defense system that offers real-time, on device world-class protection against both known and unknown next generation of advanced mobile cyberattacks and malware.
Our MTD and award-winning machine learning-based engine protects against device, network, phishing and application attacks for IOS, Android and Windows devices, using a non-intrusive approach to always protect privacy of users.
Position Summary:
We are seeking a highly experienced and self-directed Senior Cloud Security Engineer to join our team. This critical role is responsible for designing, implementing, and maintaining robust security controls across our multi-cloud environment. The ideal candidate will possess deep technical knowledge, a proactive, automation-first mindset, and the ability to operate independently, taking full ownership of security responsibilities in a fast-paced environment.
Location: Dallas, TX
Key Responsibilities:
Multi-Cloud Security Architecture: Design, implement, and manage security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments.
Infrastructure as Code (IaC) & Automation: Act as the subject matter expert for security automation, leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale.
System Hardening: Implement and enforce rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across all compute environments, including various flavors of Linux and Kubernetes clusters.
Security Tooling & Operations: Configure, manage, and optimize cloud-native and third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls.
Application & Network Defense: Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF solutions, to protect critical applications.
DevSecOps & Pipeline Security: Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines to enable "shift-left" security practices.
Secrets and Key Management: Design and maintain solutions for the secure storage and rotation of credentials, API keys, and secrets using tools like HashiCorp Vault or equivalent cloud-native services.
Risk & Design Review: Conduct threat modeling and perform security reviews for new applications and services to proactively identify and mitigate risks in the design phase.
Incident Response & On-Call: Participate in a rotating on-call schedule to address security incidents and operational issues promptly.
Compliance & Reporting: Support internal and external audits by generating evidence, writing detailed reports, and delivering clear, concise technical presentations to leadership.
Leadership & Mentorship: Operate with minimal oversight, taking the initiative to identify and suggest security improvements and drive projects to completion.
Required Qualifications & Experience:
- 8+ years of progressive experience in IT, with at least 5 years dedicated to Cloud Security Engineering in a multi-cloud environment.
- Expert-level proficiency in Infrastructure as Code (IaC) for security automation using Terraform and/or CloudFormation.
- Deep practical experience securing at least three of the following major cloud providers: AWS, Azure, GCP, and OCI.
- Proven expertise in system hardening using industry standards like CIS Level 2 and DISA STIGs.
- Extensive experience with Linux administration and securing containerization technologies, specifically Kubernetes.
- Hands-on experience with advanced security platforms, including at least two of the following: Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls.
- Demonstrated experience with WAF solutions, such as F5 or equivalent cloud-native services.
- Strong working knowledge of DevSecOps principles, including integrating security tools into CI/CD pipelines.
- Proven experience with Secret Management solutions (e.g., HashiCorp Vault, AWS Secrets Manager).
- Excellent written and verbal communication skills, including the ability to write executive-level reports and deliver technical presentations.
- Proven ability to operate independently and take ownership of critical responsibilities.
Preferred Requirements:
- Experience working within highly regulated environments, such as FedRAMP, DoD, or similar government/financial sectors.
- Demonstrated experience with implementing and maintaining controls for security frameworks such as ISO 27001 and SOC 2.
- Experience conducting formal threat modeling and risk analysis.
- Experience gained from both a large enterprise environment (for process and scale) and a fast-paced startup/tech company (for agility and innovation).
- Relevant industry certifications (e.g., CISSP, CCSP, AWS/Azure/GCP Security Specializations).
Zimperium® is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 452 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got over 200,000 jobs from 15,000+ vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 15,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say