Staff AWS Cloud Security Engineer

Zoox Cybersecurity is seeking a AWS Cloud Security Engineer to lead the design and implementation of secure, scalable, and software-defined infrastructure in our AWS cloud environment. This role is responsible for establishing best-in-class security practices across AWS, driving automation-first infrastructure security, and partnering with engineering and platform teams to embed security into every layer of our technology stack. You’ll act as a security champion, ensuring that infrastructure designs meet the highest standards of confidentiality, integrity, and availability. While maintaining operational efficiency and scalability through Infrastructure as Code (IaC). This role requires a strategic thinker with deep technical expertise in cloud security architecture, network security principles, and cloud-native vulnerability management.

The ideal candidate will blend hands-on technical skills with leadership capabilities to guide both security initiatives and team development.

In This Role, You Will...

Cloud Security Engineering and Architecture

• Design and implement enterprise-grade AWS security architectures using zero-trust principles
• Develop organization-wide security standards for IAM, VPC configurations, and data protection mechanisms
• Architect multi-account AWS environments with Security Hub, GuardDuty, and AWS Config integrations
• Lead Cloud Security Posture Management (CSPM) initiatives using Infrastructure-as-Code (Terraform/CloudFormation)

Network Security

• Design and support secure network architectures using AWS constructs (TGW, GWLB, Firewalls)
• Implement layered defenses with WAF, Firewalls, Security Groups, and Network ACLs
• Optimize security controls for hybrid cloud environments and SD-WAN integrations

Cloud Vulnerability Management

• Establish risk-based vulnerability prioritization frameworks for cloud assets
• Develop automated remediation pipelines using CI/CD tools and OPA policies
• Conduct attack surface analysis through cloud-specific threat modeling

Leadership Expectations

• Mentor a team of 2 or more Cloud Security Analysts
• Lead cross-functional collaboration with SRE, ProdSec, IT, and Software Engineering teams
• Develop security training programs and cloud security certification paths
• Oversee vendor relationships for cloud security tooling and services
• Proven experience developing security analysts through mentorship
• Strong background in creating security policy frameworks and technical documentation

Qualifications

• 10+ years of Security Engineering experience supporting production and/or DevOps environments, both Cloud and On-premises, along with proficiency with security automation using Python/Go and/or Terraform
• Experience implementing, administering, and supporting Cloud platform system/network vulnerability scanning tool(s), and development of microservice-based architectures
• Deep understanding of NIST CSF, MITRE ATT&CK Cloud Matrix, and CIS AWS Benchmarks
• Strong understanding of vulnerability scoring frameworks and business risk decision making
• Experience with: hybrid enterprise environments (cloud plus on-premises data centers); DevOps tools, artifact repositories, and Infra-as-code technology; dashboard technologies.
• Expert-level AWS security implementation experience

Bonus Qualifications

• AWS Certifications / AWS Certified Security - Specialty
• XSOAR (preferably Palo Alto Networks) and general automation development experience Experience with shell scripting, API usage and integration in Linux and Windows
• Palo Alto Networks Certified Security Engineer

$219,000 - $263,000 a year

Base Salary Range

There are three major components to compensation for this position: salary, Amazon Restricted Stock Units (RSUs), and Zoox Stock Appreciation Rights. A sign-on bonus may be offered as part of the compensation package. The listed range applies only to the base salary. Compensation will vary based on geographic location and level. Leveling, as well as positioning within a level, is determined by a range of factors, including, but not limited to, a candidate's relevant years of experience, domain knowledge, and interview performance. The salary range listed in this posting is representative of the range of levels Zoox is considering for this position.

Zoox also offers a comprehensive package of benefits, including paid time off (e.g. sick leave, vacation, bereavement), unpaid time off, Zoox Stock Appreciation Rights, Amazon RSUs, health insurance, long-term care insurance, long-term and short-term disability insurance, and life insurance.

About Zoox

Zoox is developing the first ground-up, fully autonomous vehicle fleet and the supporting ecosystem required to bring this technology to market. Sitting at the intersection of robotics, machine learning, and design, Zoox aims to provide the next generation of mobility-as-a-service in urban environments. We’re looking for top talent that shares our passion and wants to be part of a fast-moving and highly execution-oriented team.

Accommodations

If you need an accommodation to participate in the application or interview process please reach out to [email protected] or your assigned recruiter.

A Final Note:

You do not need to match every listed expectation to apply for this position. Here at Zoox, we know that diverse perspectives foster the innovation we need to be successful, and we are committed to building a team that encompasses a variety of backgrounds, experiences, and skills.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.