Posted in

Staff Information Security Engineer

Staff Information Security Engineer

CompanyDruva
LocationSanta Clara, CA, USA
Salary$162000 – $227333
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior, Expert or higher

Requirements

  • 8+ years experience in cloud and systems security for medium/large enterprises.
  • Bachelor’s degree in computer science/Engineering or equivalent practical experience.
  • Ability in threat modeling hybrid cloud from an adversarial lens to drive risk prioritization.
  • Strong knowledge of defense-in-depth, attack vectors, web/network protocols, cryptography, security operations, cloud attacker tools/TTP and emerging security intelligence.
  • Proven use of CNAAP/CSPM and vulnerability management tools (Wiz, Prisma,Tenable) and security frameworks (CVE, CVSS, CWE, CIS, SANS, MITRE ATT&CK).
  • Proficient in zero trust principles and IAM/SSO technologies (AWS Identity center, Entra ID /Okta, OAuth, SAML).
  • Hands-on experience in Linux/Unix systems, container security (Docker, Kubernetes) and serverless computing.
  • Skilled in securing cloud-native apps, serverless architectures, containers, microservices, and APIs.
  • Excellent analytical, collaboration, problem-solving and Automation & Scripting (Bash, PowerShell, Python) skills.
  • Cloud security certs like AWS Security Specialty, Azure Security Engineer, and CCSP/CCSK.

Responsibilities

  • Practitioner of modern cloud security (AWS, Azure), adept at Evaluating, designing and implementing secure cloud architectures/services.
  • Define security design/requirements, and recommend hardened architectures, controls, and secure configurations.
  • Demonstrate expertise in cloud-native security tools (e.g., AWS Security Hub, Azure Security Center) and cloud control/data plane services (CloudTrail, IAM, KMS, VPC, S3, WAF, API Gateway, Route 53, etc.).
  • Closely work with Ops (Cloud & Dev), Cyber Defense to integrate security controls into Cloud CI/CD, IaC, administration and response processes – enhancing detection, automation, and compliance.
  • Institute and enforce cloud security policies, ensuring regulatory and industry compliance.
  • Champion enterprise-wide adoption of best practices and frameworks (SOC2, ISO 27001, NIST) across cloud environments.
  • Lead identification, triage, and mitigation of security vulnerabilities/issues (AWS, Azure, GCP).
  • Triage threats, liaise with business teams, and escalate for swift remediation.
  • Perform security assessments of dynamic cloud environments, mitigating risk, exposures and misconfigurations.
  • Work with stakeholders to implement automated, pragmatic controls, delivering business-aligned, risk-balanced solutions.
  • Define and enforce cloud security baselines, protocols for lower-tier environments, continuously monitor the AWS threat landscape and deploy proactive countermeasures; advise teams on secure AWS usage and threat-mitigation strategies.

Preferred Qualifications

  • Experience with cloud-native security tools (e.g., AWS Security Hub, Azure Security Center).
  • Experience with security frameworks (CVE, CVSS, CWE, CIS, SANS, MITRE ATT&CK).
  • Experience with automation and scripting (Bash, PowerShell, Python).
  • Cloud security certifications like AWS Security Specialty, Azure Security Engineer, and CCSP/CCSK.