Staff Cloud Security Engineer

About Huntress

Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Whether creating purpose-built security solutions, hunting down hackers, or impacting our community, our people go above and beyond to change the security game and make a real difference.

What Huntress Does

Founded in 2015 by former NSA cyber operators, Huntress protects all businesses—not just the 1%—with enterprise-grade, fully owned, and managed cybersecurity products at the price of an affordable SaaS application. The Huntress difference is our One Team advantage: our technology is designed with our industry-defining Security Operations Center (SOC) in mind and is never separated from our service. We protect 4M+ endpoints and 8M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do. As long as hackers keep hacking, Huntress keeps hunting.

Your Role as a Staff Cloud Security Engineer

Huntress is looking for a strategic Staff Cloud Security Engineer to join our fully remote team. In this high-impact individual contributor role, you will evolve from simply securing infrastructure to defining the long-term cloud security strategy for our entire B2B Cloud Security SaaS platform.

This role is designed for a force multiplier—someone who can design scalable defenses, influence engineering culture, and solve complex, ambiguous security challenges across AWS, Azure, and PaaS environments. You won't just close tickets; you will set the standard for how Huntress builds, deploys, and protects its cloud-native ecosystem at scale.

Key Responsibilities

• Strategic System Design: Define the technical vision for cloud security. You will spearhead the evaluation of emerging cloud technologies and engineer "paved road" patterns that make the secure path the easiest path for our engineering teams.
• Cross-Functional Influence: You will act as the bridge between Security, Product, and Engineering. You will not just partner with these teams; you will embed security DNA into their workflows, mentoring Senior and Mid-level engineers, and driving consensus on critical design decisions across the organization.
• Scalable Threat Modeling: Move beyond reviewing pitches. You will establish frameworks that enable engineering teams to self-assess their risks. You will tackle the most complex and high-risk system design changes, ensuring that privacy and security are addressed at the whiteboard stage, not during testing.
• Advanced Threat Resilience: You will design self-healing and resilient infrastructure capabilities. You will lead the technical strategy for incident response readiness, implementing sophisticated runtime detection, automated containment, and forensic capabilities that scale with our customer growth.
• Risk-Based Vulnerability Governance: You will evolve our vulnerability management from "scanning and ticketing" to a risk-based intelligence program. You will develop automated prioritization models that contextualize vulnerabilities based on asset criticality, enabling the business to focus on what truly matters.
• Automated Compliance & Governance as Code: You will own the roadmap for cloud security governance. You will drive the shift toward "Compliance as Code," ensuring that our controls are monitored, audited, and remediated programmatically, minimizing manual toil.

What You'll Bring

• The "Force Multiplier" Mindset: You don't just solve problems; you create solutions that empower others to solve problems. You have a track record of elevating the technical maturity of the teams around you.
• Value Documentation: You recognize documentation as a critical tool for showing impact and value. You effectively detail security recommendations, process improvements, architectural decisions, and innovative ideas to ensure clarity and organizational buy-in.
• Strategic SaaS Experience: You have deep experience in high-growth B2B SaaS environments. You understand how to align security initiatives with business velocity, ensuring security is an enabler, not a blocker.
• High-Level Technical Communication: You can explain a complex RCE vulnerability to a developer and then immediately pivot to explaining the business risk of that vulnerability to a VP. You document not just the "how," but the "why."
• Expert-Level Infrastructure-as-Code: You don't just use Terraform/Spacelift; you structure modular, reusable, and secure IaC libraries. You treat infrastructure as software and apply software engineering best practices (testing, versioning, CI/CD) to security.
• Software Engineering Proficiency: You go beyond simple scripting. You are comfortable building robust internal tools, APIs, and automation using Python, Go, or similar languages to integrate disparate security systems.
• Deep Cloud Mastery: You possess top-tier expertise in AWS and Azure. You understand the nuances of IAM, networking, and container security (Kubernetes/ECS) at an advanced level.
• Incident Command: You have the composure and expertise to lead technical response efforts during critical security incidents, leveraging advanced forensics and query languages (SQL, Splunk, KQL) to hunt through massive datasets.
• Remote-First Collaboration: You are an excellent communicator, capable of thriving and driving initiatives in a distributed, asynchronous work environment.

Benefits & Perks

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Key skills/competency

• AWS
• Azure
• Cloud Security Strategy
• Infrastructure-as-Code (IaC)
• Terraform
• Threat Modeling
• Incident Response
• Vulnerability Management
• Compliance as Code
• Python/Go