Cloud Security Lead

Verified

Cleo

Remote US

Remote OK

Posted 1 months ago

Posted 17 March 2026

2 views

full-time

About the Role

Cleo is seeking a Lead Cloud Security Engineer to design, implement, and continuously improve security controls across our cloud infrastructure and SaaS environments.  This role is responsible for strengthening Cleo’s AWS security posture, embedding secure-by-default cloud guardrails, and partnering closely with Platform and Engineering teams to reduce infrastructure risk without slowing innovation.  The ideal candidate is hands-on, technically deep in AWS, and experienced in building scalable cloud security capabilities in a high-growth SaaS environment.    <h3>What You Will Be Doing</h3> Cloud Security Architecture  <ul> <li> Design and implement secure cloud architecture patterns</li> <li> Establish guardrails for AWS accounts and services</li> <li> Strengthen multi-account strategy and segmentation</li> <li> Improve IAM design, permission boundaries, and least-privilege models</li> <li> Review major infrastructure changes for security impact</li> </ul> Cloud Detection and Visibility  <ul> <li> Implement and tune cloud-native detection capabilities</li> <li> Integrate AWS security services into centralized monitoring</li> <li> Identify misconfigurations and excessive permissions </li> <li> Improve signal-to-noise ratio in cloud alerts</li> </ul> Infrastructure as Code Security  <ul> <li> Embed security controls into Terraform or other IaC workflows </li> <li> Enforce policy-as-code guardrails</li> <li> Ensure IaC scanning is integrated into CI/CD pipelines </li> <li> Reduce configuration drift across environments</li> </ul> Vulnerability and Configuration Management  <ul> <li> Oversee cloud misconfiguration detection and remediation</li> <li> Track infrastructure vulnerability exposure</li> <li> Reduce critical vulnerability exposure window</li> <li> Partner with Platform teams to automate remediation</li> </ul> Data Protection and Encryption  <ul> <li> Ensure proper encryption standards across storage and databases</li> <li> Manage KMS usage and key lifecycle best practices</li> <li> Strengthen logging and monitoring coverage</li> </ul> Incident Response Support  <ul> <li> Lead cloud-focused investigations during security incidents</li> <li> Improve forensic readiness in AWS</li> <li> Harden logging and evidence retention practices</li> </ul> Automation and Continuous Improvement  <ul> <li> Automate guardrails and enforcement mechanisms</li> <li> Improve developer experience with secure cloud defaults</li> <li> Reduce manual cloud security reviews</li> <li> Optimizing tooling cost and effectiveness </li> </ul> Metrics and Reporting  <ul> <li> Define KPIs for cloud security posture</li> <li> Report on misconfiguration trends and exposure windows</li> <li> Provide executive-level reporting on infrastructure risk</li> <li> Support audit and compliance evidence collection</li> </ul>   <h3>Your Qualifications</h3>  Required  <ul> <li> 7+ years of experience in cloud security, cloud engineering, or infrastructure security</li> <li> Deep expertise in AWS architecture and services </li> <li> Strong understanding of IAM design and least-privilege principles</li> <li> Experience with Infrastructure as Code and CI/CD integration</li> <li> Experience implementing

Cloud Security Lead

About the Role

Related Searches

Ready to apply?

Similar Roles

Tech Lead, Android Core Product - Düsseldorf, Germany

Tech Lead, Web Core Product & Chrome Extension - Munich, Germany

Tech Lead, Web Core Product & Chrome Extension - Cologne, Germany