In This Role, You Will...
Cloud Security Engineering and Architecture
Design and implement enterprise-grade AWS security architectures using zero-trust principles
Develop organization-wide security standards for IAM, VPC configurations, and data protection mechanisms
Architect multi-account AWS environments with Security Hub, GuardDuty, and AWS Config integrations
Lead Cloud Security Posture Management (CSPM) initiatives using Infrastructure-as-Code (Terraform/CloudFormation)
Network Security
Design and support secure network architectures using AWS constructs (TGW, GWLB, Firewalls)
Implement layered defenses with WAF, Firewalls, Security Groups, and Network ACLs
Optimize security controls for hybrid cloud environments and SD-WAN integrations
Cloud Vulnerability Management
Establish risk-based vulnerability prioritization frameworks for cloud assets
Develop automated remediation pipelines using CI/CD tools and OPA policies
Conduct attack surface analysis through cloud-specific threat modeling
Leadership Expectations
Mentor a team of 2 or more Cloud Security Analysts
Lead cross-functional collaboration with SRE, ProdSec, IT, and Software Engineering teams
Develop security training programs and cloud security certification paths
Oversee vendor relationships for cloud security tooling and services
Proven experience developing security analysts through mentorship
Strong background in creating security policy frameworks and technical documentation
Qualifications
10+ years of Security Engineering experience supporting production and/or DevOps environments, both Cloud and On-premises, along with proficiency with security automation using Python/Go and/or Terraform
Experience implementing, administering, and supporting Cloud platform system/network vulnerability scanning tool(s), and development of microservice-based architectures
Deep understanding of NIST CSF, MITRE ATT&CK Cloud Matrix, and CIS AWS Benchmarks
Strong understanding of vulnerability scoring frameworks and business risk decision making
Experience with: hybrid enterprise environments (cloud plus on-premises data centers); DevOps tools, artifact repositories, and Infra-as-code technology; dashboard technologies.
Expert-level AWS security implementation experience
Bonus Qualifications
AWS Certifications / AWS Certified Security - Specialty
XSOAR (preferably Palo Alto Networks) and general automation development experience Experience with shell scripting, API usage and integration in Linux and Windows
Palo Alto Networks Certified Security Engineer
About Zoox
Zoox is developing the first ground-up, fully autonomous vehicle fleet and the supporting ecosystem required to bring this technology to market. Sitting at the intersection of robotics, machine learning, and design, Zoox aims to provide the next generation of mobility-as-a-service in urban environments. We’re looking for top talent that shares our passion and wants to be part of a fast-moving and highly execution-oriented team.
Accommodations
If you need an accommodation to participate in the application or interview process please reach out to
[email protected] or your assigned recruiter.
A Final Note:
You do not need to match every listed expectation to apply for this position. Here at Zoox, we know that diverse perspectives foster the innovation we need to be successful, and we are committed to building a team that encompasses a variety of backgrounds, experiences, and skills.
