Key skills
AWSTerraformKubernetesIAMCI/CDLeadershipCommunicationCloud SecurityWAF
About this role
Hex is seeking an experienced Cloud Security Engineer to join their security team. The role involves ensuring the security and resilience of cloud infrastructure, leading cloud security practices, and collaborating with infrastructure and engineering teams to secure cloud-native applications.
Responsibilities:
- Design, implement, and manage security solutions and controls for AWS environments and Kubernetes clusters, including appropriate isolation/sandboxing methods for Hex’s RCE-as-a-Service platform
- Build, deploy, and maintain infrastructure-as-code using Terraform, ensuring robust security standards are enforced
- Conduct security assessments, threat modeling, and audits on AWS cloud infrastructure and Kubernetes deployments
- Collaborate with development and operations teams to embed security best practices into CI/CD pipelines
- Monitor and respond to cloud security incidents, identifying root causes and recommending remediation actions
- Provide expertise in compliance requirements related to cloud security (e.g., SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS)
- Mentor engineers and advocate for cloud security across the organization
Requirements:
- 5+ years of experience in cloud security engineering, with extensive expertise in AWS
- Demonstrated proficiency with Kubernetes security including cluster hardening, role-based access control (RBAC), network policies, and container vulnerability management
- Expert-level knowledge and hands-on experience with Terraform
- Familiarity with AWS security services (e.g., IAM, GuardDuty, Security Hub, CloudTrail, WAF)
- Solid understanding of secure software development lifecycle practices, CI/CD security, and DevSecOps methodologies
- Excellent problem-solving, communication, and leadership skills
- Familiarity with CNAPP solutions such as Wiz
- Familiarity with SIEM solutions such as Panther
- Relevant certifications such as AWS Certified Security – Specialty, Certified Kubernetes Security Specialist (CKS), and Terraform Associate certification are highly desirable
- Bonus points for security certifications from SANS or OffSec