semperis logo

Senior Cloud Security Engineer

Semperis

Tel Aviv

Cloud Security

Posted 19 hours ago

seniorhybrid

Frameworks & standards

ISO 27001SOC 2FedRAMP

Job Description

At Semperis, our mission is to be a Force for Good. Starting with being a great place to work. We believe that when people feel valued, supported, and empowered, they do their best work. That’s why we focus on creating an employee experience rooted in purpose, growth, and balance. Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies by the Inc. 5000, a DUNS 100 Top Startup to Work For, and a multi-year Inc. Best Workplace awardee.

What We Are Looking For?

As we continue to scale our cloud footprint and regulated offerings, we are expanding our Cloud Security team with a Senior Cloud Security Engineer who thrives at the intersection of cloud platforms, security engineering, networking, and automation.

We are looking for a Senior Cloud Security Engineer to help build secure-by-default cloud platforms across Azure and AWS. This is an engineering-focused role centered on preventive controls, scalable guardrails, Kubernetes security, network security, and automation, not a SOC or incident-response-first position.

Primary focus areas: cloud security guardrails, Kubernetes security, cloud network controls, and automation across Azure and AWS

What You Will Do?

  • You will own the security architecture, guardrails, and automation patterns, while partnering with platform and infrastructure teams on implementation.

  • Own and evolve Cloud Security Posture Management (CSPM) capabilities, including policies, guardrails, and automated remediation.

  • Engineer and maintain cloud network security controls, including network segmentation and isolation, cloud-native firewalls and security groups, Application Gateway / WAF configurations, and secure ingress and egress patterns.

  • Define and enforce security best practices for Kubernetes environments (AKS/EKS), including RBAC, network policies, workload isolation, and cluster hardening.

  • Partner with engineering teams on architecture reviews for new services, platforms, and major changes, helping teams design secure, compliant, and practical solutions.

  • Engineer and maintain identity and access security controls for cloud and production environments, including least privilege, workload identity, service principals, and conditional access.

  • Apply a security lens to FinOps, defining guardrails that balance cost optimization with security and compliance.

  • Develop tooling, automation, and self-service workflows that reduce manual effort and improve consistency across security programs.

  • Communicate complex security risks and technical recommendations clearly to engineering teams, leadership, and cross-functional stakeholders.

  • Mentor junior engineers and contribute to raising the overall security maturity of the organization.

What You Will Bring (Required)

  • 6+ years of experience in cloud security, security engineering, or cloud platform engineering roles.

  • Deep hands-on security experience in Azure or AWS is required; experience across both is strongly preferred.

  • Hands-on experience securing production AKS/EKS environments, including RBAC, network policies, workload identity, admission controls, image/runtime controls, and cluster hardening.

  • Proven experience with cloud network security, including firewalls, WAFs, network segmentation, and secure connectivity patterns.

  • Strong understanding of cloud security architecture, including shared responsibility models, secure service design, and defense-in-depth.

  • Experience with preventative security controls, including CSPM, policy enforcement, and secure cloud baselines.

  • Cloud automation experience using Infrastructure as Code tools such as Terraform, Bicep, or CloudFormation, plus scripting with Python, PowerShell, Bash, or similar languages.

  • Ability to operate independently, own complex problem spaces, and deliver practical, scalable solutions.

  • Strong communication skills and comfort providing architecture-level guidance to engineering teams.

  • Experience working in regulated environments

Bonus Points

  • Experience contributing to or supporting compliance programs such as FedRAMP, SOC 2, ISO 27001, or NIST frameworks.

  • Familiarity with CI/CD pipelines and DevSecOps practices.

  • Experience with identity and access management in cloud environments (RBAC, workload identity, service principals) is a strong plus.

What Success Looks Like?

• Secure by default cloud patterns are documented, automated, and adopted by engineering teams.
• CSPM findings are prioritized, routed, and remediated through repeatable workflows.
• Kubernetes and cloud network controls are consistently implemented across production environments.
• Engineering teams receive practical security guidance early in design, not after deployment.

Why Join Semperis?
You’ll be part of a global team on the front lines of cybersecurity innovation. At Semperis, we celebrate curiosity, integrity, and people who take initiative. If you’re someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life—we’d love to meet you.

**Semperis maintains office locations in several cities across the globe. Where the job description specifies a required location, candidates will follow our hybrid work model. This includes working up to three days per week and remotely the remaining days.

Semperis is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, creed, national origin or ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, marital status, or any other legally recognized protected basis under federal, state, or local law. The information collected by the Semperis application is solely to determine suitability for employment, verify identity, and maintain employment statistics. 

 

Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and/or other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Semperis. Please inform Semperis representative Anna Taylor, Director of Global Recruiting, if you need assistance completing this application or to otherwise participate in the application process.

Apply for this position

Not ready to apply?

Get weekly alerts for new Cloud Security jobs:

Share your cyber salary

Anonymous. No login, no name. Helps everyone see real pay by role and country.

Hiring for a role like this?

Reach cybersecurity professionals browsing the board - your listing goes live instantly.

Post a job →

Related cybersecurity jobs

semperis logo

SemperisToronto

Cloud SecurityHybrid
Posted Jul 16Apply
semperis logo

SemperisDallas, TX

AppSecHybrid
Posted Jul 16Apply
semperis logo

SemperisToronto

CA$107K – CA$150KOtherHybrid
Posted Jul 14Apply
semperis logo

SemperisDallas, TX

EngineeringHybrid
Posted Jul 8Apply
semperis logo

SemperisDallas, TX

SalesHybrid
Posted Jul 7Apply

Stay ahead of the curve. Get new infosec jobs in your inbox.