Job Url: https://hex.tech/careers/cloud-security-engineer/

Job Description: 
SF, NYC, or Remote (USA)
About Hex
Hex is changing the way people work with data. Our platform makes analytics workflows more powerful, collaborative, and shareable. Hex solves key pain points with today's data and analytics tooling, and is loved by thousands of users all over the world for the beautiful UI, new superpowers, and boundless flexibility.

We are a tight-knit crew of engineers, designers, and data aficionados. Our roadmap is full of big ideas and little details, and we would love your help bringing them to life.

Hex has raised over $100m from great VCs and angels, giving us many years of runway and the ability to pay competitive salaries, offer great benefits, and provide meaningful equity.

Watch a demo of Hex on our homepage, read more on our blog, or check out our handbook for a better sense of what it's like to work here.

About the role
We are looking for an experienced Cloud Security Engineer to join Hex’s security team. You will be responsible for ensuring the security and resilience of our cloud infrastructure, providing leadership in cloud security practices, and collaborating closely with our infrastructure and engineering teams to secure our cloud-native applications.

About the role:
Design, implement, and manage security solutions and controls for AWS environments and Kubernetes clusters, including appropriate isolation/sandboxing methods for Hex’s RCE-as-a-Service platform
Build, deploy, and maintain infrastructure-as-code using Terraform, ensuring robust security standards are enforced.
Conduct security assessments, threat modeling, and audits on AWS cloud infrastructure and Kubernetes deployments.
Collaborate with development and operations teams to embed security best practices into CI/CD pipelines.
Monitor and respond to cloud security incidents, identifying root causes and recommending remediation actions.
Provide expertise in compliance requirements related to cloud security (e.g., SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS).
Mentor engineers and advocate for cloud security across the organization.
About you: 
5+ years of experience in cloud security engineering, with extensive expertise in AWS.
Demonstrated proficiency with Kubernetes security including cluster hardening, role-based access control (RBAC), network policies, and container vulnerability management.
Expert-level knowledge and hands-on experience with Terraform.
Familiarity with AWS security services (e.g., IAM, GuardDuty, Security Hub, CloudTrail, WAF).
Familiarity with CNAPP solutions such as Wiz
Familiarity with SIEM solutions such as Panther
Solid understanding of secure software development lifecycle practices, CI/CD security, and DevSecOps methodologies.
Relevant certifications such as AWS Certified Security – Specialty, Certified Kubernetes Security Specialist (CKS), and Terraform Associate certification are highly desirable.
Bonus points for security certifications from SANS or OffSec.
Excellent problem-solving, communication, and leadership skills.
Our Engineering team
We’re a group of engineers who are forging new ground together and love partnering with Security on our journey to pull ahead of our competition. You can read about how we think through problems as well as how we learn from mistakes on our blog here: