Sr. Cloud Security Engineer - FedRamp (Dallas, TX) at Zimperium

Dallas, Texas, United States

Zimperium Logo
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Cybersecurity, Cloud ComputingIndustries

Requirements

  • 8+ years of progressive experience in IT, with at least 5 years dedicated to Cloud Security Engineering in a multi-cloud environment
  • Expert-level proficiency in Infrastructure as Code (IaC) for security automation using Terraform and/or CloudFormation
  • Deep practical experience securing at least three of the following major cloud providers: AWS, Azure, GCP, and OCI
  • Proven expertise in system hardening using industry standards like CIS Level 2 and DISA STIGs
  • Extensive experience with Linux administration and securing containerization technologies, specifically Kubernetes
  • Hands-on experience with advanced security platforms, including at least two of the following: Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls
  • Demonstrated experience with WAF solutions, such as F5 or equivalent cloud-native services
  • Strong working knowledge of DevSecOps

Responsibilities

  • Design, implement, and manage security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments (Multi-Cloud Security Architecture)
  • Act as the subject matter expert for security automation, leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale (Infrastructure as Code (IaC) & Automation)
  • Implement and enforce rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across all compute environments, including various flavors of Linux and Kubernetes clusters (System Hardening)
  • Configure, manage, and optimize cloud-native and third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls (Security Tooling & Operations)
  • Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF solutions, to protect critical applications (Application & Network Defense)
  • Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines to enable "shift-left" security practices (DevSecOps & Pipeline Security)
  • Design and maintain solutions for the secure storage and rotation of credentials, API keys, and secrets using tools like HashiCorp Vault or equivalent cloud-native services (Secrets and Key Management)
  • Conduct threat modeling and perform security reviews for new applications and services to proactively identify and mitigate risks in the design phase (Risk & Design Review)
  • Participate in a rotating on-call schedule to address security incidents and operational issues promptly (Incident Response & On-Call)
  • Support internal and external audits by generating evidence, writing detailed reports, and delivering clear, concise technical presentations to leadership (Compliance & Reporting)
  • Operate with minimal oversight, taking the initiative to identify and suggest security improvements and drive projects to completion (Leadership & Mentorship)

Skills

Key technologies and capabilities for this role

AWSAzureGCPOCICloudFormationTerraformIaCCIS BenchmarksDISA STIGsLinuxKubernetesPrisma CloudOrcaGoogle SecOpsPalo Alto NGFWWAFF5

Questions & Answers

Common questions about this position

What is the location for this Senior Cloud Security Engineer role?

The position is located in Dallas, TX.

Is the salary or compensation mentioned for this position?

This information is not specified in the job description.

What key technical skills are required for this role?

The role requires expertise in multi-cloud security across AWS, Azure, GCP, and OCI; Infrastructure as Code with CloudFormation and/or Terraform; system hardening using CIS Level 2 and DISA STIGs; and security tools like Palo Alto Prisma Cloud, Orca, and HashiCorp Vault.

What does the company culture or work environment look like for this position?

The role involves a fast-paced environment where the engineer operates independently with minimal oversight, taking full ownership of security responsibilities, and participating in on-call rotations.

What makes a strong candidate for this Senior Cloud Security Engineer position?

A strong candidate has deep technical knowledge, a proactive automation-first mindset, the ability to work independently with minimal oversight, and experience in cloud security architecture and DevSecOps practices.

Zimperium

Mobile security solutions for enterprises and government

Website

About Zimperium

Zimperium focuses on mobile security, providing solutions to protect mobile devices and applications from cyber threats. Its main product, zIPS, is a mobile threat defense software that detects and addresses threats like malware and phishing in real-time. This software is designed for enterprises and government organizations, ensuring their mobile endpoints, such as smartphones and tablets, are secure. Zimperium differentiates itself from competitors by specializing in mobile security and offering tailored consulting services to enhance clients' security strategies. The company's goal is to safeguard sensitive data across various industries, particularly in sectors like healthcare and education, where mobile security is crucial.

Dallas, TexasHeadquarters
2010Year Founded
$70.1MTotal Funding
BUYOUTCompany Stage
Consulting, CybersecurityIndustries
201-500Employees

Benefits

Hybrid Work Options

Risks

Increased competition from companies like Apple could challenge Zimperium's market position.
Sophisticated malware campaigns highlight evolving threats that could outpace current security measures.
Availability on AWS Marketplace exposes Zimperium to increased competition from other vendors.

Differentiation

Zimperium offers a mobile-first security platform for comprehensive mobile device protection.
The company provides real-time threat detection and mitigation for iOS and Android devices.
Zimperium's solutions are available on AWS Marketplace, enhancing accessibility for AWS users.

Upsides

Recognition as a leader in mobile threat defense boosts Zimperium's credibility and client attraction.
Strategic partnership with Cyvatar could expand Zimperium's reach and enhance its portfolio.
Winning Cyber Defense Magazine awards highlights Zimperium's innovation, attracting new customers.

Related Jobs

Hundred
Remote iconRemote

Senior Cloud Security Architect (R-00079)

True Zero Technologies
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
United States
Remote iconRemote

Security Engineer, Cloud Security

Red Cell Partners
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
United States
Remote iconRemote

DevSecOps Engineer

Authentic8
Salary not specified
  • Employment type iconFull Time
  • Experience level iconMid-level (3 to 4 years), Senior (5 to 8 years)
United States +3 more
Remote iconRemote

Security Engineer, Infrastructure Security

OpenAI
$292,500 - $405,000/year
  • Employment type iconFull Time
  • Experience level iconJunior (1 to 2 years)

Land your dream remote job 3x faster with AI

Try Jobo Free