Staff Security Engineer

Detailed Description From Employer:

Staff Security Engineer

Location: Remote

Duration: 6 months+

We are seeking a Staff Security Engineer to drive our security engineering strategy and secure our rapidly expanding cloud infrastructure. This role requires deep technical expertise across systems, virtualization, cloud platforms, containers, automation, and secure software engineering practices. The ideal candidate is an engineer at their core capable of building, securing, explaining, and improving complex systems end-to-end with the rigor expected of a staff-level practitioner.

Responsibilities

Security Architecture & System Design

Design, build, and secure complex systems across AWS, Google Cloud Platform, and Kubernetes. Apply secure design principles to architectures such as LAMP stacks, microservices, CI/CD pipelines, and data workflows. You should be able to use examples like securing a traditional LAMP stack and describing how it would evolve into a secure Kubernetes deployment to demonstrate how you reason about architecture and system behavior.

Virtualization & Cloud Internals Expertise

Bring a strong understanding of how modern cloud infrastructure is built and why it behaves the way it does. This includes familiarity with AWS s evolution from Xen to Nitro/KVM to Firecracker. You should be able to walk through illustrative topics such as comparing paravirtualization, full virtualization, and hardware-assisted virtualization, and explain how these models influence system design.

Containerization & Kubernetes Security

Deploy and secure containerized workloads with a deep understanding of isolation boundaries and runtime behavior. You should be comfortable using examples such as explaining how containers share a host kernel and how namespaces, cgroups, and seccomp policies define isolation to demonstrate your familiarity with container and Kubernetes internals.

Cloud Security Engineering

Architect secure cloud-native environments using AWS and Google Cloud Platform capabilities. Implement secure network patterns, IAM structures, workload protections, and monitoring architectures. You should be able to use scenarios like evaluating what happens when an internal monitoring system is exposed to the internet to show how you analyze cloud risks and develop mitigations.

Traditional Engineering Principles & Standards

As a staff-level engineer, you are expected to execute and articulate strong engineering practice. You must be able to apply the Principles of Software Engineering (PoSE), operate within the SDLC, and define or enforce engineering guidelines and standards. You should be able to walk through concrete examples such as evaluating an architectural design, identifying violations of engineering principles, or introducing standards that improve security, maintainability, and long-term operational integrity.

Hands-On Engineering

Although not a dedicated development role, you should be capable of building small applications or prototypes when necessary. Examples might include sketching out a simple

application or chatbot, explaining how it functions under the hood, and outlining how you would secure it. Your ability to move fluidly between design, implementation, and security is essential.

Automation, Scripting & Integration

Develop automation using Python, Bash, and APIs. Build secure data flows and integrate security capabilities into engineering systems. You should be able to use examples such as taking a basic threat-intelligence script and describing how it could be deployed safely and reliably across the organization to illustrate how you scale ideas into production-ready capabilities.

Thought Leadership & Cross-Functional Collaboration

Operate as a staff-level technical leader who combines security expertise with strong engineering fundamentals. Lead architectural discussions, mentor engineers, and elevate

security and engineering maturity across teams. Illustrative examples might include guiding a team toward a more secure and maintainable design without direct ownership, or shaping engineering decisions by applying engineering principles and structured reasoning.

Security Standards & Compliance

Define and uphold technical security and engineering requirements. Conduct deep architectural and product security reviews while ensuring alignment with secure design principles and engineering standards. You should be able to use examples such as outlining the first questions you ask when evaluating a new system to show how you identify and assess risk.

Documentation

Create clear, comprehensive documentation for architectures, systems, and procedures. You might reference prior examples where you documented a complex environment in a way that enabled teams to operate securely, consistently, and confidently. Strong written clarity is essential for this role.

Required Qualifications

Experience: Minimum 7 years in security, cloud, or infrastructure engineering

Engineering Discipline: Demonstrated ability to apply strong engineering fundamentals, including PoSE, SDLC, and secure design principles

Cloud Platforms: Strong experience in AWS; familiarity with Google Cloud Platform

Systems Knowledge: Deep understanding of OS internals, virtualization, containers, and modern cloud architecture

Scripting & Programming: Proficiency in Python, Bash, and working with APIs

Security Skills: Experience with AWS security tooling, SIEM, CIEM, EDR, Kubernetes security, and network security fundamentals

Education: Academic or professional background in security engineering, computer science, or equivalent experience

Proven ability to operate independently at a staff level with minimal guidance Preferred Qualifications

Strong communication skills; able to explain complex concepts to technical and non-technical audiences

Experience performing deep investigations and root-cause analysis

Familiarity with secure data pipelines, automation frameworks, and modern software delivery practices

Demonstrated ability to mentor engineers and lead cross-functional security and engineering initiatives