Jobs · Engineering · California

Senior Software Engineer - Infrastructure Cloud Security

Snorkel AI · Redwood City, CA · Yesterday
Engineering$220k–$260k/yrFull-time

About the role

We are seeking a Senior Software Engineer to evolve Snorkel's security posture across our cloud infrastructure, developer platform, and product ecosystem. You will partner with the security lead to secure cloud environments, build security automation, guide cross-functional initiatives, and embed security into our engineering workflows.

This is a high-impact role where your ability to work effectively with others matters as much as your technical depth. You do not need to meet every requirement listed below to apply. If you bring solid fundamentals in cloud security and are motivated to grow into the gaps, we encourage you to apply.

Key Responsibilities

  • Build and scale Infrastructure as Code (IaC) governance strategies that embed security while enabling developer velocity
  • Operate and tune Cloud Security Posture Management (CSPM) tooling and coordinate remediation through engineering teams
  • Investigate security events, triage incidents, identify root causes, and own remediation through resolution
  • Design and implement network security architectures using security groups, Network Access Control Lists (NACLs), subnetting, routing layers, and egress controls
  • Design, maintain, and govern Identity and Access Management (IAM) role & policy architectures for both human and machine identities
  • Implement encryption everywhere — data-at-rest, data-in-transit, and key rotation using AWS Key Management Service (KMS) and related services
  • Conduct threat modeling, architecture reviews, and secure design assessments for new and existing systems
  • Align cloud security strategy with relevant frameworks (NIST CSF, ISO 27001, SOC 2, CIS benchmarks)

Professional Skills

  • Communication & Influence
  • Cross-Functional Partnership
  • Ownership & Judgment
  • Teaching & Growth

Technical Skills & Experience

  • Programming skills in Python, Go, or similar languages, with the ability to build security tooling and automation
  • Experience building and operating systems at scale in cloud-native, containerized environments
  • Proficiency with Infrastructure as Code (Terraform): writing modules, CI/CD pipelines, deployment governance, and security reviews
  • AWS cloud architecture: multi-account strategies, landing zones, environment isolation, and cross-account role design
  • Identity and Access Management (IAM): role and policy architectures, least privilege, human and machine identity patterns
  • Network security: security groups, Network Access Control Lists (NACLs), Virtual Private Cloud (VPC) design, subnet segmentation, routing layers, and egress controls

Additional Areas You'll Contribute To

  • Threat modeling and secure design assessments for new and existing systems
  • Encryption and key management: data-at-rest, data-in-transit, key rotation using AWS KMS, Secrets Manager, or HashiCorp Vault
  • Container and OS hardening: secure base images, hardened Amazon Machine Images (AMIs), runtime protections
  • Cloud Security Posture Management (CSPM) tooling — deployment, tuning, and coordinating remediation workflows through engineering teams
  • Security event investigation: triage, root cause assessment, and remediation ownership
  • Vulnerability management lifecycle: scanning, prioritization, tracking, and closure
  • AI/ML security: awareness of risks specific to AI/ML systems (prompt injection, data poisoning, model extraction, training data protection) and ability to assess trust boundaries in AI product architectures
  • Compliance and security frameworks: NIST CSF, ISO 27001, SOC 2, CIS benchmarks
  • Designing secure architectures for high-growth SaaS or cloud-native environments

Similar jobs