Semperis

Senior Cloud Security Engineer

Semperis$120K — $150K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6+ years in cloud security or related roles
  • Hands-on experience in Azure or AWS, ideally both
  • Experience securing production Kubernetes environments
  • Proven skills in cloud network security including firewalls and secure connectivity
  • Strong grasp of cloud security architecture and preventative controls
  • Expertise in Infrastructure as Code and scripting languages
  • Ability to work independently and provide architectural guidance

Responsibilities

  • Own security architecture and guardrails for cloud environments
  • Evolve Cloud Security Posture Management capabilities
  • Engineer and maintain cloud network security controls
  • Define security best practices for Kubernetes environments
  • Collaborate on architecture reviews for new services and platforms
  • Maintain identity and access security controls
  • Apply security principles to FinOps and define cost-optimized guardrails
  • Develop automation and self-service workflows for security processes
  • Communicate security risks and recommendations to stakeholders
  • Mentor junior engineers to improve organizational security maturity

Benefits

  • Hybrid work model with up to three days in the office
  • Opportunities for mentorship and skill development
  • Dynamic work environment in an expanding cloud security team
  • Engagement with cross-functional teams and leadership
  • Exposure to compliance practices in regulated environments
Full Job Description
What We Are Looking For

As we continue to scale our cloud footprint and regulated offerings, we are expanding our Cloud Security team with a Senior Cloud Security Engineer who thrives at the intersection of cloud platforms, security engineering, networking, and automation.

We are looking for a Senior Cloud Security Engineer to help build secure-by-default cloud platforms across Azure and AWS. This is an engineering-focused role centered on preventive controls, scalable guardrails, Kubernetes security, network security, and automation, not a SOC or incident-response-first position.

Primary focus areas: cloud security guardrails, Kubernetes security, cloud network controls, and automation across Azure and AWS

What You Will Do
  • You will own the security architecture, guardrails, and automation patterns, while partnering with platform and infrastructure teams on implementation.
  • Own and evolve Cloud Security Posture Management (CSPM) capabilities, including policies, guardrails, and automated remediation.
  • Engineer and maintain cloud network security controls, including network segmentation and isolation, cloud-native firewalls and security groups, Application Gateway / WAF configurations, and secure ingress and egress patterns.
  • Define and enforce security best practices for Kubernetes environments (AKS/EKS), including RBAC, network policies, workload isolation, and cluster hardening.
  • Partner with engineering teams on architecture reviews for new services, platforms, and major changes, helping teams design secure, compliant, and practical solutions.
  • Engineer and maintain identity and access security controls for cloud and production environments, including least privilege, workload identity, service principals, and conditional access.
  • Apply a security lens to FinOps, defining guardrails that balance cost optimization with security and compliance.
  • Develop tooling, automation, and self-service workflows that reduce manual effort and improve consistency across security programs.
  • Communicate complex security risks and technical recommendations clearly to engineering teams, leadership, and cross-functional stakeholders.
  • Mentor junior engineers and contribute to raising the overall security maturity of the organization.


What You Will Bring (Required)
  • 6+ years of experience in cloud security, security engineering, or cloud platform engineering roles.
  • Deep hands-on security experience in Azure or AWS is required; experience across both is strongly preferred.
  • Hands-on experience securing production AKS/EKS environments, including RBAC, network policies, workload identity, admission controls, image/runtime controls, and cluster hardening.
  • Proven experience with cloud network security, including firewalls, WAFs, network segmentation, and secure connectivity patterns.
  • Strong understanding of cloud security architecture, including shared responsibility models, secure service design, and defense-in-depth.
  • Experience with preventative security controls, including CSPM, policy enforcement, and secure cloud baselines.
  • Cloud automation experience using Infrastructure as Code tools such as Terraform, Bicep, or CloudFormation, plus scripting with Python, PowerShell, Bash, or similar languages.
  • Ability to operate independently, own complex problem spaces, and deliver practical, scalable solutions.
  • Strong communication skills and comfort providing architecture-level guidance to engineering teams.
  • Experience working in regulated environments

Bonus Points
  • Experience contributing to or supporting compliance programs such as FedRAMP, SOC 2, ISO 27001, or NIST frameworks.
  • Familiarity with CI/CD pipelines and DevSecOps practices.
  • Experience with identity and access management in cloud environments (RBAC, workload identity, service principals) is a strong plus.

What Success Looks Like
• Secure by default cloud patterns are documented, automated, and adopted by engineering teams.
• CSPM findings are prioritized, routed, and remediated through repeatable workflows.
• Kubernetes and cloud network controls are consistently implemented across production environments.
• Engineering teams receive practical security guidance early in design, not after deployment.

**Semperis maintains office locations in several cities across the globe. Where the job description specifies a required location, candidates will follow our hybrid work model. This includes working up to three days per week and remotely the remaining days.

About Semperis

Semperis is a cybersecurity company that specializes in identity-driven security solutions for Microsoft enterprise environments. The company was founded in 2013 and is headquartered in New York City, with additional offices in Tel Aviv and London. Semperis' products and services help organizations protect their critical assets from cyber threats, including ransomware, phishing, and other attacks. The company's solutions are used by Fortune 500 companies, government agencies, and other organizations around the world. Semperis is committed to innovation and has received numerous awards for its technology and services.
Learn more about Semperis
Size
100 employees
Industry
Net Income
-$5 million
Founded
2013
5 Year Trend
+50%
Revenue
$10 million
NASDAQ

Similar Jobs

More Jobs at Semperis

More Information Technology Jobs

Find similar Senior Cloud Security Engineer jobs: