Staff Cloud Security Engineer (Breakthrough)

What Youll Do

Technical Leadership

• Provide technical guidance and security expertise across engineering teams.

• Lead the implementation of security best practices and advocate for secure design development and deployment processes.

• Collaborate with Engineering Directors Principal Engineers and Corporate InfoSec to align security strategy with product and platform goals.

• Serve as the primary security point of contact within the Engineering organization.

Development & Automation

• Design and implement security tooling and automation to support DevSecOps practices.

• Write scripts and lightweight tools (e.g. in Python Bash) to automate detection remediation and compliance workflows.

• Contribute to infrastructure and CI/CD security by embedding secure guardrails in Terraform Bitbucket pipelines and deployment pipelines.

Architectural Design

• Lead threat modeling and secure architecture reviews across our GCP-native SaaS platform.

• Partner with Cloud Engineering to integrate security into infrastructure provisioning and platform components.

• Translate compliance and security frameworks (e.g. SOC 2 NIST 800-53 FedRAMP CIS Controls) into actionable scalable policies and controls in infrastructure and code.

• Evaluate and recommend security technologies with input from CTO and Corporate InfoSec including GCP-native tools CrowdStrike and modern SIEM/SOAR platforms.

Technical Excellence

• Drive the evaluation and adoption of cloud-native and modern security tools (e.g. Google SCC Chronicle Panther CrowdStrike).

• Build and tune threat detection capabilities to identify and respond to cloud misuse API abuse and potential data exfiltration.

• Maintain incident response playbooks and lead security incident investigations in collaboration with Corporate InfoSec.

Innovation and Research

• Stay current with cloud security trends threat actor TTPs (tactics techniques and procedures) and evolving best practices.

• Proactively identify opportunities to reduce risk and increase automation across the SDLC and cloud environment.

Collaboration

• Partner with engineering teams to foster a culture of secure coding and continuous improvement in security posture.

• Collaborate with Breakthroughs GRC Lead and Sr. Director of Technology Operations on audits and client due diligence.

• Participate in periodic reviews with Corporate InfoSec to ensure alignment and maintain a strong security posture.

• Mentor engineers in secure development practices and support team learning on threat modeling authentication and data protection.

• Bachelors degree in Computer Science or a related technical field involving coding (e.g. physics or mathematics) or equivalent technical experience.

• 10 years of experience in security engineering cloud security DevSecOps or related technical domains ideally within a SaaS or product-focused organization.

• In-depth experience designing and implementing scalable cloud-native security solutions with a strong understanding of Google Cloud Platform (GCP) services such as IAM VPC Security Command Center Workload Identity and GKE.

• Strong proficiency in multiple programming or scripting languages specifically Python Go and Bash with an emphasis on automation and tool development.

• Demonstrated experience with infrastructure as code (IaC) and policy as code including tools such as Terraform CI/CD pipelines and frameworks like OPA or Sentinel.

• Hands-on experience with modern SIEM/SOAR platforms (e.g. Chronicle Panther) and the ability to develop high-fidelity detection logic.

• Expertise in secure development practices application security threat modeling and advising on secure architecture.

• Familiarity with compliance frameworks such as SOC 2 NIST 800-53 CIS Controls and translating them into technical controls and processes.

• Experience with Agile software development methodologies including Kanban and Scrum.

• Excellent problem-solving skills and the ability to navigate complex technical and security challenges.

• Strong communication skills with the ability to articulate complex security concepts to both technical and non-technical stakeholders.

Preferred:

• Relevant certifications such as Google Professional Cloud Security Engineer Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP).

• Familiarity with DevOps and platform engineering practices and tools.

• Prior experience working in a cross-functional product engineering team.

• Demonstrated leadership experience in guiding teams or influencing security strategy across an organization.

Whileexpertisein every technologyisnt familiarity with our stack is beneficial.Werekeen to work with individuals who bring relevant experience and a willingness to learn.