Avalara APACRemote
Cloud Security Engineer
United States of America
Full Time
2 weeks ago
$136,000 - $225,000 USD
Visa Sponsor
Key skills
PythonAzureGCPTerraformIAMGitLabCI/CDCloud Security
About this role
Avalara is a leading cloud compliance platform company, seeking a Cloud Security Engineer to build automated security solutions for their cloud environments. The role focuses on engineering guardrails, automation, and data-driven capabilities to enhance security across multi-cloud environments.
Responsibilities:
- Build and implement automated cloud security solutions and guardrails using infrastructure as code and cloud-native services
- Assess cloud environments to identify security risks and misconfigurations, and guide remediation through scalable solutions and guidance
- Develop and maintain event-driven automation and data pipelines to detect, prioritize, and respond to security issues
- Support cloud incident response by providing subject matter expertise and contributing to investigation and remediation efforts
- Collaborate with security and engineering teams to improve security posture and integrate solutions into cloud environments
- Design, build, and deploy automated cloud security controls and guardrails using Terraform, Python, and cloud-native services across hyper-scale cloud providers
- Identify security risks and misconfigurations in cloud environments, and translate findings into automated controls, guardrails, and guidance that improve security posture
- Develop event-driven automation and data pipelines using tools like Wiz and cloud-native telemetry to detect, prioritize, and remediate security risks
- Be a cloud security subject matter expert during incident response, supporting investigation, containment, and long-term improvements to detection and response capabilities
Requirements:
- Degree in Information Systems, Information Security, or a related field, or equivalent practical experience in cloud security or engineering
- Experience designing and implementing secure cloud solutions in at least one hyper-scale cloud provider, with an ability and operate across multi-cloud environments
- Experience automating and scaling security solutions using Infrastructure as Code (Terraform), scripting languages (Python preferred), and CI/CD pipelines (GitLab or similar), including integrating with APIs
- Experience with core cloud security principles, including identity and access management (IAM), logging, and cloud-native security services, and the ability to apply them in real-world environments
- Experience assessing cloud environments for risks and misconfigurations, and translating findings into practical, scalable solutions rather than one-off fixes
- Self-motivated and resilient, with experience learning new technologies, adapting to changing environments, and driving work forward with minimal direction
- Experience collaborating across teams, providing guidance, and supporting others to achieve shared security outcomes
- Experience building event-driven automation or security data pipelines using cloud-native services
- Familiarity with multiple cloud platforms (Azure, GCP, OCI)
- Experience working with cloud security posture management tools (e.g., Wiz) and using security data to lead prioritization and remediation
- Experience supporting cloud incident response activities
- Relevant certifications (CISSP, CISA, CISM, or cloud provider certifications)
- Understanding of compliance frameworks such as SOC 2, PCI-DSS, NIST, or ISO 27001
- Experience improving IAM practices or integrating with APIs to build scalable security automation