CloudDevOps Security Engineer
Share
Job Location:
Monthly Salary:
Posted on:
Yesterday
Vacancies:
1 Vacancy
Job Summary
WHO WE ARE
We are PEAK6 a leading investment firm using technology to find a better way of doing things. The companys first tech-based solution was developed in 1997 to optimize options trading and over the past two decades the same formula has been used across a range of industries asset classes and business stages to consistently deliver superior results. Today PEAK6 seeks transformational opportunities to provide capital and strategic support to entrepreneurs and forward-thinking businesses. PEAK6s core brands include PEAK6 Capital Management PEAK6 Strategic Capital Apex Fintech Solutions FOCUS We Insure Evil Geniuses Poker Power Zogo and Bruce Markets.
ABOUT THIS ROLE
Your goal is simple and ambitious: make cloud and platform security safe by
default. Youll deploy and operate CSPM across GCP and AWS route and
close posture gaps through Jira with tuned suppressions and give
engineering teams paved-road guardrails (reusable modules policy checks)
that keep delivery fast and secure.
What youll do
Run CSPM across orgs/accounts: connect GCP Security Command Center and AWS Security Hub map findings to owners/SLAs in Jira and reduce noise with scoped suppressions.
Enforce organization policies: no public buckets restricted legacy OAuth scopes domain restrictions baseline logging/encryption and CMEK where required.
Build the paved road: deliver reusable Terraform modules/blueprints with baked-in controls; add pre-commit and CI/CD policy checks that prevent risky changes from shipping.
Support secure egress & posture gates: partner with the Senior Engineer on Netskope SD-WAN to define app-aware egress and posture-based access for sensitive apps (later in 2026).
Elevate container/image hygiene: introduce basic image signing/scanning minimal bases and sane secrets handling patterns in CI/CD.
Stop certificate outages: maintain inventory alerts and a renewal workflow (ACME where feasible).
Identity intersections: verify admin MFA enforcement break-glass testing cadence and JML hooks that impact cloud access.
What youll bring
Experience: 47 years in cloud/platform security with GCP and/or AWS at multi-account/organization scope; proven CSPM operations and Jira-routed closure with SLAs.
Hands-on CSPM experience (SCC/SecHub or similar) at multi-account/multi-org scope plus routing and closure in Jira with SLAs.
IaC fluency (Terraform) and a track record of reusable secure modules and policy-as-code checks in pipelines.
Working knowledge of GCP/AWS org policies/controls; ability to balance developer velocity with strong defaults.
Practical CI/CD exposure (you secure it; you dont have to build/own the pipelines).Clear communication documentation and a habit of proving posture with simple scorecards.
Certifications (nice to have not required)
GCP Professional Cloud Security Engineer AWS Security Specialty HashiCorp Terraform Associate CKA/CKS; GIAC GCSA/GC cloud tracks.
How well measure success
CSPM is connected and useful: findings reach the right owners with actionable tickets and less noise over time.
Core org policies are enforced and posture improvements are visible and sustained.
Paved-road guardrails are adopted by engineers and reduce manualsecurity rework.
Certificate renewals are predictable with no surprise expirations.
#LI-P6
OUR REWARDS
We offer a robust package of employee perks and benefits including healthcare benefits (medical dental and vision EAP) competitive PTO 401k match parental leave and HSA contribution match. We also provide our employees with a paid subscription to the Calm app and offer generous external learning and tuition reimbursement benefits. As a hybrid workforce we offer our employees the ability to work remotely up to two days a week.
PEAK6 is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion sex (including pregnancy sexual orientation and gender identity) national origin age disability veteran status marital status or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.
PEAK6 is committed to creating an inclusive and accessible workplace for all candidates including those with disabilities. We are dedicated to ensuring equal employment opportunities and providing reasonable accommodations to qualified individuals with disabilities. If you require reasonable accommodations to participate in the application or interview process please contact our HR department at We will work with you to provide the necessary accommodations to ensure your full participation in our hiring process.
#PEAK6
Key Skills
- Splunk
- IDS
- Network security
- Computer Networking
- Identity & Access Management
- PKI
- PCI
- NIST Standards
- Security System Experience
- Information Security
- Encryption
- Siem
