Staff Cloud Security Engineer

Job not on LinkedIn

🕒 May 5

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Hotel Engine

WebsiteLinkedInAll Job Openings

201 - 500 employees

Founded 2018

🛍️ eCommerce

🚗 Transport

💰 $65M Series B on 2021-12

eCommerce • Transport • Travel

Hotel Engine is a powerful platform that simplifies business travel by allowing companies to easily book, manage, and save on travel needs. The platform offers access to over 750,000 hotels globally, enabling seamless reservations for various group sizes, from small teams to large corporate events. With features like centralized reporting, flexible payment options, and dedicated support, Hotel Engine aims to streamline the travel experience for both organizations and individual travelers, ensuring significant savings in time and money.

📋 Description

• Cloud Security Architecture & Hardening: Lead security hardening across AWS and GCP environments, including identity and access management, network segmentation, logging, monitoring, configuration hygiene, and secure cloud architecture patterns. You will help define standards that scale across teams and cloud platforms. • Cloud Risk Ownership: Own and mature Engine’s approach to identifying, prioritizing, and remediating cloud security risks. You will assess systemic risk, separate high-priority issues from low-value noise, and drive practical remediation in partnership with infrastructure and engineering teams. • Orca Findings Management: Own the end-to-end lifecycle of Orca findings, including monitoring new alerts, triaging severity, identifying root cause, tracking remediation, and driving findings to closure with the appropriate technical owners. • Cloud Alert Response: Serve as a primary responder for cloud-specific security alerts. You will help improve detection quality, reduce response time, and ensure cloud-originated threats are investigated and addressed effectively. • Infrastructure-as-Code Security: Partner with teams using Terraform and related infrastructure-as-code workflows to review, improve, and harden cloud configurations before risk reaches production. • AI Cloud Security: Help secure Engine’s expanding AI-related cloud footprint by identifying risks related to sensitive data, elevated IAM permissions, new service integrations, model/data access patterns, and infrastructure configurations. • Cross-Functional Collaboration: Partner closely with infrastructure, platform, engineering, SecOps, and security leadership to move security work forward. You will adapt your messaging across audiences, build trust with technical teams, and influence decisions without relying on direct authority. • Cloud-Native Threat Detection: Collaborate with SecOps to improve cloud telemetry, cloud-specific detection logic, SIEM signal quality, and response workflows for threats such as credential abuse, lateral movement, misconfigured storage, and data exfiltration. • Security Standards & Advocacy: Build clear, actionable cloud security guidelines, guardrails, and best practices for engineering teams. You will help create the paved paths that allow Engine to move quickly while reducing cloud security risk.

🎯 Requirements

• Cloud Security Expertise: Deep hands-on experience securing modern cloud environments, especially AWS, with strong knowledge of cloud-native security controls, services, risks, and remediation patterns. • Multi-Cloud Capability: Experience with GCP security or the ability to quickly ramp in a multi-cloud environment spanning AWS and GCP. • IAM & Access Control: Strong understanding of cloud IAM, privilege reduction, identity boundaries, service permissions, key management, and common access-control failure modes. • Cloud Architecture Judgment: Ability to evaluate architecture decisions, identify systemic risk, and recommend scalable security patterns that balance risk reduction with engineering velocity. • CSPM / CNAPP Tooling: Experience with cloud security platforms such as Orca, Wiz, Prisma Cloud, Lacework, or similar tools, including triage, prioritization, remediation tracking, and reduction of alert noise. • Infrastructure-as-Code: Hands-on experience reviewing and securing Terraform or other infrastructure-as-code configurations. • Cloud Detection & Response: Experience investigating cloud security alerts and improving telemetry, logging, monitoring, and detection logic across cloud environments. • Engineering Partnership: Proven ability to earn credibility with infrastructure, platform, and engineering teams through practical recommendations, clear communication, and strong technical depth. • Analytical Problem Solving: Ability to assess complex, ambiguous cloud security issues, identify root causes, prioritize risk, and make sound decisions with incomplete information. • Security Program Maturity: Experience building or improving cloud security standards, guardrails, operating rhythms, remediation processes, or security review practices. • AI / Emerging Technology Awareness: Understanding of how AI workloads can expand cloud attack surface through sensitive data usage, elevated permissions, new integrations, and infrastructure complexity. • Compliance & Frameworks: Familiarity with cloud security concepts as they relate to compliance frameworks such as SOC 2, PCI, or similar standards.

🏖️ Benefits

• Compensation: Competitive base pay tied to role and experience, with opportunities for bonuses, commissions, and equity. • Benefits: Check out our full list at http://engine.com/culture. • Environments for Success: Different roles have different needs in terms of the environments that drive success which is why we have a hybrid-hub model. Whether you are in one of our amazing offices or fully remote, we’ll make sure you have what you need to succeed.