Application and Cloud Security Engineer
Application and Cloud Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Real is a fast-growing national real estate brokerage powered by technology. Real is currently operating in all U.S. states Canada India and the District of Columbia. Founded in 2014 Real is a trailblazer in the Residential Real Estate industry as we lead the disruption with our cutting-edge technology platform. We are on a mission to revolutionize the home-buying and selling process making agents lives better while creating lucrative financial opportunities for them.
For more information visit US based remote position candidates outside of the US will not be considered.
Job Summary:
We are seeking an Application and Cloud Security Engineer to join our IT team at Real. The ideal candidate will lead the integration of security best practices into our software development and infrastructure this role you will work closely with engineering teams to embed security into CI/CD pipelines harden Kubernetes clusters and safeguard our applications cloud services and containerized environments. You will proactively identify and mitigate security risks ensuring the resilience and integrity of our critical systems while enabling secure scalable growth.
Duties/Responsibilities:
Application Security
Integrate AppSec throughout the SDLC: secure design threat modeling code reviews.
Automate SAST/DAST/IAST tools in pipelines and triage vulnerabilities.
Support bug bounty security releases and secure architecture reviews.
Cloud Security
Design and implement cloud security controls in AWS/GCP.
Build IAM policies encryption strategies logging and network segmentation.
Perform cloud vulnerability assessments and pen tests integrating IaC validation.
Kubernetes Security
Harden Kubernetes clusters: nodes control plane network policies and CNI.
Audit K8s deployments vs. benchmarks (e.g. CIS).
Implement RBAC pod policies security contexts and mesh security (mTLS).
Integrate security tools like Trivy Falco kube-bench and manage supply-chain risks using admission/webhooks.
Security Engineering & Automation
Develop internal security tooling and scripts.
Assist with incident response involving apps clouds or K8s environments.
Enhance metrics and tooling for vulnerability tracking and security posture.
Required Skills/Abilities:
Secure coding and threat modeling using OWASP/NIST/CSA frameworks.
Scripting languages like Python Go or Bash.
Kubernetes ecosystem: Helm Terraform Prometheus service mesh tools.
Vulnerability scanners: Trivy kube-bench Falco.
Cloud-native monitoring and CSPM/CNAPP familiarity.
Strong communicator who mentors dev and infra teams.
Analytical with a security-first mindset focus on detection prevention and response.
Able to distill complex security issues for technical and executive audiences.
Education and Experience:
Bachelors in CS Engineering or equivalent.
3 years in AppSec CloudSec or K8s security.
Hands-on with SAST/DAST CI/CD tools and cloud-native security.
Proficiency with Kubernetes security best practices (pods policies RBAC).
Familiar with cloud platforms: AWS Azure or GCP especially securing container workloads.
Must Have:
Ability to truly encompass our Company Core Values
Work Hard Be Kind
Tech x Humanity
We are bigger than me
Real is proud to be an equal opportunity workplace employer. We are committed to equal employment opportunities regardless of race color ancestry religion sex national origin sexual orientation age citizenship marital status disability gender identity or Veteran status.
Employment Type
Full-Time
