All roles

Open role

[Remote] Senior Cloud Security Engineer

Remote · Chile Full-time

Note: The job is a remote job and is open to candidates in USA. Pax8 is redefining how cloud technology is bought, sold, and secured, and they are seeking a Senior Cloud Security Engineer to help define, assess, and secure their cloud platforms. This role involves shaping the security posture of Pax8's cloud and platform ecosystem by evaluating current systems, identifying security gaps, and establishing security standards.

Responsibilities

  • Review AWS, Kubernetes, CI/CD, and SaaS environments to identify security gaps, misconfigurations, and architectural weaknesses
  • Perform threat modeling, security architecture reviews, and cloud security assessments to identify attack paths, trust boundaries, and opportunities to reduce blast radius
  • Assess platform infrastructure against established security baselines and drive remediation efforts or formal risk acceptance
  • Validate that security controls are operating as intended across cloud, identity, network, and platform layers
  • Establish and evolve cloud and platform security hardening standards across AWS, Kubernetes, CI/CD, and SaaS platforms
  • Translate infrastructure architecture into clear, actionable security expectations—and validate they work in practice
  • Develop reference architectures, decision records (ADRs), and security design guidance that engineering teams can operationalize
  • Define and maintain secure patterns, guardrails, and baseline configurations for cloud-native delivery
  • Define and enforce least-privilege access models across AWS and Kubernetes environments
  • Review and improve IAM policies, RBAC models, identity federation, service identities, and cross-account trust boundaries
  • Partner with engineering teams to reduce unnecessary privilege and strengthen access controls without impacting delivery velocity
  • Assess and improve CI/CD security controls including federated identity, GitHub Actions security, secrets management, deployment protections, and pipeline trust boundaries
  • Review Infrastructure-as-Code patterns and recommend secure-by-default approaches
  • Help engineering teams build secure delivery workflows that scale
  • Validate network security controls, segmentation boundaries, ingress controls, and cloud networking architecture
  • Assess Kubernetes security controls including RBAC, service accounts, workload identities, and network policies
  • Ensure security controls are aligned to platform risk and business impact
  • Maintain platform security posture visibility through metrics, reporting, and security tracking mechanisms
  • Track remediation progress and communicate risk in terms of business impact, exposure reduction, and blast radius
  • Help leadership understand where security investments are reducing risk and enabling secure growth
  • Partner closely with DevOps, SRE, and Engineering teams as a trusted advisor and platform security authority
  • Influence technical decisions through expertise, collaboration, and practical recommendations rather than direct authority
  • Help teams understand not just what needs to change—but why it matters and what good looks like

Skills

  • 7+ years of experience in Cloud Security, Infrastructure Security, Platform Security, Security Architecture, DevSecOps, or related disciplines
  • Experience assessing cloud environments and identifying security weaknesses, misconfigurations, or architectural risks
  • Extensive hands-on AWS expertise across IAM, VPC, EKS, KMS, Secrets Manager, CloudTrail, S3, logging, networking, and access controls
  • Proven Kubernetes security experience including RBAC, service accounts, workload identities, network policies, and workload isolation
  • Experience securing CI/CD pipelines and cloud-native delivery workflows
  • Strong understanding of threat modeling and risk-based security assessments
  • Experience writing or maintaining security standards, hardening baselines, reference architectures, or security design guidance
  • Strong Infrastructure-as-Code fluency, particularly Terraform, with the ability to read and review Helm charts
  • Experience partnering with DevOps, SRE, Platform Engineering, or Infrastructure teams
  • Ability to operate independently and influence outcomes without formal authority
  • Experience within large SaaS, technology, fintech, cloud-native, or highly regulated organizations
  • Experience with GitHub Actions, OIDC federation, secrets management, and deployment protection controls
  • Experience operating CNAPP, CSPM, or cloud security posture management platforms beyond dashboard review
  • Experience producing ADRs, security design documents, or architecture standards that engineering teams actively use
  • Familiarity with AI platform security, agentic workloads, and AI-enabled development practices
  • Relevant certifications such as AWS Security Specialty, CCSP, CISSP, CKS, or equivalent

Benefits

  • Competitive salary and annual performance bonus
  • Stock options
  • Comprehensive medical, dental, and vision insurance
  • 401(k) retirement plan with company contribution
  • Generous paid time off and company holidays
  • Dedicated learning time with LinkedIn Learning access
  • Wellbeing initiatives and employee assistance programs
  • Non-Commissioned Bonus Plans or Variable Commission
  • 401(k) plan with employer match
  • Medical, Dental & Vision Insurance
  • Employee Assistance Program
  • Employer Paid Short & Long Term Disability, Life and AD&D Insurance
  • Flexible, Open Vacation
  • Paid Sick Time Off
  • Extended Leave for Life events
  • RTD Eco Pass (For local Colorado Employees)
  • Career Development Programs
  • Stock Option Eligibility
  • Employee-led Resource Groups

Company Overview

  • Pax8 is a cloud commerce marketplace company that specializes in cloud-based solutions. It was founded in 2012, and is headquartered in Greenwood Village, Colorado, USA, with a workforce of 1001-5000 employees. Its website is http://pax8.com.
  • More open positions

    [Remote] Senior Software Engineer, Agent Infrastructure

    Work from home Full-time role

    [Remote] Legal Technology Solutions Architect (Icertis)

    Work from home Full-time role

    [Remote] Sr. Frontend Engineer

    Work from home Full-time role

    [Remote] VP, Chief Medicaid Actuary

    Work from home Full-time role

    [Remote] Principal/Lead Embedded Software Engineer

    Work from home Full-time role

    [Remote] Remote Client Solutions Specialist - WILL TRAIN

    Work from home Full-time role

    Experienced Bilingual Licensed Customer Service Agent – Property & Casualty Insurance

    Work from home Full-time role

    HR Consultant - Hybrid Option

    Work from home Full-time role

    Sr Data Engineer (Bangalore candidates only)

    Work from home Full-time role

    Licensing / Translation Manager

    Work from home Full-time role

    Customer Service Representative, FEMA (Remote near Houston, TX) in Houston, TX

    Work from home Full-time role

    National Individual Consultant - Legal expert - Chisinau, Moldova, Programme/Social Policy Section - 4 months (remote/work from home))

    Work from home Full-time role

    EDI Specialist

    Work from home Full-time role

    Remote Part-Time Data Entry Clerk – Precision Data Management & Project Coordination for careerzynith

    Work from home Full-time role

    Innovation Business Analyst - On-Site (Tyler, DFW or Austin, TX)

    Work from home Full-time role

    Benefits Administration Client Ops Manager- (bswift)

    Work from home Full-time role

    Experienced Full Stack Customer Service Representative – Remote Call Center Operations

    Work from home Full-time role

    Feed Compliance Officer

    Work from home Full-time role

    Complex Case Management Team Lead (Premium) - Evernorth Health Services - Remote

    Work from home Full-time role

    Business Solutions Manager

    Work from home Full-time role

    Remote Data Entry Specialist – Accuracy, Speed & Detail Focus for Distributed Operations

    Work from home Full-time role