Zimperium®
Tech / AI / Software
Sr.CloudSecurityEngineer-FedRamp
Neural analysis suggests this role is
optimal for Senior candidates.
“Sr. Cloud Security Engineer - FedRamp at Zimperium®. Skills: Cloud Security Architecture, Infrastructure as Code (IaC) & Automation, System Hardening, Security Tooling & Operations, Application & Network Defense, DevSecOps & Pipeline Security, Secrets and Key Management, Risk & Design Review, Compliance & Reporting. Designing, implementing, and maintaining robust security controls across our multi-cloud environment.. Leveraging CloudFormation and/or Terraform to deploy secure infrastructure cons”
Industry & Context.
Proactive, automation-first mindset; Ability to operate independently, taking full ownership of security responsibilities; Identify and suggest security improvements
Participate in a rotating on-call schedule
What They're Looking For.
Must Have
8+ years of progressive experience in IT, with at least 5 years dedicated to Cloud Security Engineering in a multi-cloud environment., Expert-level proficiency in Infrastructure as Code (IaC) for security automation using Terraform and/or CloudFormation., Deep practical experience securing at least three of the following major cloud providers: AWS, Azure, GCP, and OCI., Proven expertise in system hardening using industry standards like CIS Level 2 and DISA STIGs., Extensive experience with Linux administration and securing containerization technologies, specifically Kubernetes., Hands-on experience with advanced security platforms, including at least two of the following: Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls., Demonstrated experience with WAF solutions, such as F5 or equivalent cloud-native services., working knowledge of DevSecOps principles, including integrating security tools into CI/CD pipelines., Proven experience with Secret Management solutions (e. g. , HashiCorp Vault, AWS Secrets Manager)., Excellent written and verbal communication skills, including the ability to write executive-level reports and deliver technical presentations., Proven ability to operate independently and take ownership of critical responsibilities.
Nice to Have
Experience working within highly regulated environments, such as FedRAMP, DoD, or similar government/financial sectors., Demonstrated experience with implementing and maintaining controls for security frameworks such as ISO 27001 and SOC 2., Experience conducting formal threat modeling and risk analysis., Experience gained from both a large enterprise environment (for process and scale) and a fast-paced startup/tech company (for agility and innovation)., Relevant industry certifications (e. g. , CISSP, CCSP, AWS/Azure/GCP Security Specializations).
What You'll Do.
and maintaining robust security controls across our multi-cloud environment.
Leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale.
Implementing and enforcing rigorous security configuration benchmarks
specifically CIS Level 2 and DISA STIGs
across all compute environments.
and optimizing cloud-native and third-party security tools.
Deploying and managing Web Application Firewalls (WAFs).
Integrating security testing tools (SAST
SCA) into CI/CD pipelines.
Designing and maintaining solutions for the secure storage and rotation of credentials
Conducting threat modeling and performing security reviews for new applications and services.
Participating in a rotating on-call schedule to address security incidents and operational issues promptly.
Supporting internal and external audits by generating evidence
writing detailed reports
concise technical presentations to leadership.
Operating with minimal oversight
taking the initiative to identify and suggest security improvements and drive projects to completion.
How You'll Work.
Team & Collaboration
Delivering clear, concise technical presentations to leadership.; Experience gained from both a large enterprise environment (for process and scale) and a fast-paced startup/tech company (for agility and innovation).
Communication Scope
Excellent written and verbal communication skills; Ability to write executive-level reports; Deliver technical presentations
Process & Methodology
Drive projects to completion.
Full Job Description
## Description Zimperium® is an industry leader in enterprise mobile security, being the first and only company to provide a complete mobile threat defense system that offers real-time, on device world-class protection against both known and unknown next generation of advanced mobile cyberattacks and malware. Our MTD and award-winning machine learning-based engine protects against device, network, phishing and application attacks for IOS, Android and Windows devices, using a non-intrusive approach to always protect privacy of users. Position Summary: We are seeking a highly experienced and self-directed Senior Cloud Security Engineer to join our team. This critical role is responsible for designing, implementing, and maintaining robust security controls across our multi-cloud environment. The ideal candidate will possess deep technical knowledge, a proactive, automation-first mindset, and the ability to operate independently, taking full ownership of security responsibilities in a fast-paced environment. Location: Dallas, TX preferred Key Responsibilities: Multi-Cloud Security Architecture: Design, implement, and manage security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments. Infrastructure as Code (IaC) & Automation: Act as the subject matter expert for security automation, leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale. System Hardening: Implement and enforce rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across all compute environments, including various flavors of Linux and Kubernetes clusters. Security Tooling & Operations: Configure, manage, and optimize cloud-native and third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls. Application & Network Defense: Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF so
Applying for this Sr. Cloud Security Engineer - FedRamp role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Lever
- Lever uses a streamlined one-page form — apply in under 5 minutes.
- LinkedIn import works well; review parsed data before submitting.
- The cover letter field is optional but visible to reviewers — use it to differentiate.
- Referral codes from employees can significantly boost visibility of your application.
ANONYMOUS · UNFILTERED
What do employees actually say about Zimperium®?
Real rants from real employees. Read before you apply.