Job Description
Cloud Security Operations Engineer
Duration: 12+ Months
Location: USA Remote

We are looking for someone with a heavier ops background that has served in a previous cloud security engineering role. We saw a heavy amount of candidates with heavier engineering backgrounds in the last round, but I think the team is in agreement we need someone who has more ops experience since we are trying to move in that direction.

About the Role
We're seeking a Cloud Security Operations Engineer to join our Cloud Security Operations team at PayPal. This role is a key part of our centralized security function, supporting cloud security initiatives across multiple business units. You'll work hands-on with cloud infrastructure, security tooling, and cross-functional teams to maintain and strengthen our overall cloud security posture.

What You'll Do
• Security Operations: Manage Level 3 (L3) security tickets, investigate cloud security incidents, and participate in the on-call rotation to respond to security events.
• CSPM Remediation: Triage and remediate cloud misconfigurations identified through Cloud Security Posture Management (CSPM) platforms.
• Metrics & Compliance: Track and report on SLA metrics, ensuring compliance with security requirements across cloud environments.
• Program Development: Design and implement new operational programs, runbooks, and standard operating procedures to scale security operations.
• Tool Optimization: Align security tools with cloud service patterns and architectural best practices to ensure effective coverage across AWS, Azure, and Google Cloud Platform.
• Security Reviews: Support technical security assessments of cloud architectures, infrastructure-as-code (IaC), and deployment pipelines.
• Cross-Team Collaboration: Partner with engineering, business unit security leads, and platform teams to drive continuous security improvements.

Required Qualifications
• Cloud Platform Experience: 3+ years of hands-on experience with at least one major cloud service provider (AWS, Azure, or Google Cloud Platform), including core services like compute, storage, networking, and identity management.
• Operational Background: Proven experience in security operations, incident response, or similar roles, with the ability to manage tickets, meet SLAs, and handle on-call responsibilities.
• Programming Skills: Proficiency in at least one programming language (Python, Go, or similar), with the ability to develop scripts for automation and security tooling.
• Distributed Systems Understanding: Strong grasp of distributed systems, microservices architectures, and cloud-native application patterns.
• Security Fundamentals: Solid understanding of security principles, common cloud vulnerabilities, and security best practices.

Preferred Qualifications
• CSPM Tools: Hands-on experience with Cloud Security Posture Management tools such as Wiz, Prisma Cloud, or similar platforms.
• Multi-Cloud Expertise: Experience working across multiple cloud environments (AWS, Azure, Google Cloud Platform).
• Infrastructure-as-Code: Familiarity with IaC tools such as Terraform, CloudFormation, or ARM templates.
• Containers & Orchestration: Experience with Kubernetes, Docker, and container security best practices.
• Compliance Frameworks: Working knowledge of standards such as PCI-DSS, SOC 2, and ISO 27001.
• Service Mesh & Zero Trust: Understanding of service mesh architectures, workload identity, and zero trust security models.

Technical Skills
• Cloud Platforms: AWS, Azure, or Google Cloud Platform
• Programming: Python, Go, Bash, or similar scripting languages
• Security Tools: CSPM platforms, SIEM systems, vulnerability scanners
• Cloud-Native Concepts: Containers, microservices, serverless computing
• Networking: VPCs, security groups, and network segmentation

What Makes You Successful
• Problem-Solving Mindset: You approach security challenges analytically and design scalable, effective solutions.
• Operational Excellence: You thrive in fast-paced environments and consistently maintain high-quality standards.
• Collaborative Approach: You communicate clearly and work effectively with both technical and non-technical teams.
• Continuous Learning: You stay current with evolving cloud technologies, security tools, and threat landscapes.
• Ownership: You take initiative, follow through on commitments, and proactively drive process improvements.