Senior Cloud Security Engineer
Horizon3.ai
Location
US, Remote
Employment Type
Full time
Location Type
Remote
Department
IT & Security
Get to Know Us
Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to the mission of enabling organizations to proactively find, fix and verify exploitable attack vectors before criminals exploit them. Our flagship product, the NodeZeroTM platform, delivers production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments. NodeZero has been adopted by organizations of all sizes, from small educational institutions to government agencies and Global 100 enterprises. It is used by IT Ops/SecOps teams, consulting pentesters, and MSSPs and MSPs.
We are a fusion of former U.S. Special Operations cyber operators, startup engineers & operators, and formerly frustrated cybersecurity practitioners. We're committed to helping solve our common security problems: ineffective security tools and false positives, resulting in alert fatigue, blind spots, "checkbox” security culture, cybersecurity skills shortage, and the long lead time and expense of hiring outside consultants. Collectively, we are a team of learn it alls, committed to a culture of respect, collaboration, ownership, and results.
As a remote first company, we require minimum 25Mbps consumer grade broadband connection.
What You’ll Do
We are seeking a skilled Sr. Cloud Security Engineer with strong focus on AWS to join our growing team. The ideal candidate will be a self-starter with a "learn it all" attitude and a strong desire to stay current with the latest trends and technologies in the field. In this role, you will be responsible for designing, implementing, maintaining, and validating security solutions for our AWS cloud infrastructure. Your role will involve working closely with development and engineering teams to ensure secure cloud architecture and implementation.
This role will be responsible for…..
Strong experience with modern SDLC tools and branching strategies
Design and implement security controls across our AWS environment (e.g., IAM, SCPs, VPC security, S3 bucket policies, security groups, key management, logging).
Continuously monitor and improve cloud posture by managing and tuning services like GuardDuty, Security Hub, AWS WAF, CloudTrail, and Inspector
Develop and maintain security policies, standards, and procedures to ensure compliance with industry standards such as SOC2, GDPR, ISO27001, FedRAMP, etc.
Evaluate and recommend new security technologies, tools, and techniques to improve the security posture of our AWS cloud infrastructure.
Implement and maintain Gitlab CI/CD pipelines and tools for automated security testing and scanning of AWS resources.
Conduct threat modeling, architecture reviews, and risk assessments for cloud deployments and new features
Implementing security features and monitoring tools, performing periodic security assessments to verify best practice configuration and secure systems hardening in the cloud
Responding swiftly to new and emerging security threats and vulnerabilities with the cloud
Where required, investigate suspected attacks and help manage security incidents including providing post-mortem analysis, identify causes, develop solutions and preventive measures
Implement process and technologies that reduce cloud security deficiencies and help develop creative reporting mechanisms including metrics/key themes that communicate risk to business owners and leadership
Participate in development and implementation of cloud security standards and cloud service certification
Provide subject matter expertise to assist with building detective controls for malicious activity within the AWS environment.
Define and enforce identity and access management (IAM) best practices, including least privilege policies, federated identity, role-based access control (RBAC), and automated remediation.
Demonstrate a commitment to integrity, process improvement, and customer satisfaction
What You’ll Bring
In-depth knowledge of Terraform and Gitlab
Deep knowledge of AWS services and security architecture
Strong understanding of AWS security and data security principles
Experience with threat modeling and risk assessments
Excellent communication skills and ability to explain technical concepts to non-technical stakeholders
Ability to work independently and as part of a team, and a strong sense of ownership and accountability
Knowledge of compliance standards such as SOC2, GDPR, ISO27001, FedRAMP, etc.
Familiarity with cybersecurity frameworks such as NIST, CIS, and MITRE ATT&CK
Knowledge of Data Loss Prevention (DLP) including data classification, identification, and protection
Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as: (Logs and events processing, Incident Management, detection, response tool development, etc.)
What Sets You Apart?
5+ years of general cybersecurity field experience
5+ years of experience in securing cloud environments
AWS Certified Security - Specialty
CISSP or relevant security certifications preferred
5+ Experience securing an Amazon Web Services (AWS) environment.
Compensation and Values
At Horizon3, we believe that our people are our greatest asset, and our compensation philosophy reflects this core value. We are committed to fostering an environment where all employees feel valued, respected, and rewarded for their contributions. Our compensation structure is designed to be fair, competitive, and transparent, ensuring that every team member is recognized and compensated equitably across roles, levels, and locations.
In accordance with various State’s transparency regulations, we provide the following salary range information for this position:
Base salary range: $185,000 - $215,000 annually. The exact salary will be determined based on the selected candidate’s location, qualifications, experience, and relevant skills.
Additional compensation: This role may also be eligible for an equity package (in the form of stock options). If any other compensation benefits apply, they will be discussed during the interview process.
Perks of Horizon3.ai
Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.
Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.
Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.
Remote Work: We are a 100% remote company. Enjoy the flexibility to work in the way that supports you and brings out your best.
Competitive Compensation: We offer competitive salary and benefits which includes health, vision & dental care for you and your family, a flexible vacation policy, and generous parental leave.
You Belong Here
Horizon3 is not just an equal opportunity employer - we are a community that values diversity, equity, and inclusion as fundamental principles of our culture and success. We are dedicated to fostering a workplace where everyone feels welcome and respected, regardless of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, hair length or any other legally protected status by law.
Our commitment to diversity and inclusion means we strive to attract, develop, and retain a workforce that reflects the varied communities we serve. We believe that diverse perspectives drive innovation and strengthen our ability to create cutting-edge cybersecurity solutions. At Horizon3, every team member is valued and supported in an environment that encourages personal and professional growth.
We welcome candidates from all backgrounds and experiences, and we encourage all qualified individuals to apply. Come be a part of Horizon3, where your unique contributions are recognized, and your potential is limitless.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice.
Application Note
In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.