Senior Cloud Security Engineer

Starburst is the data platform for analytics, applications, and AI, unifying data across clouds and on-premises to accelerate AI innovation. Organizations—from startups to Fortune 500 enterprises in 60+ countries—rely on Starburst for fast data access, seamless collaboration, and enterprise‑grade governance on an open hybrid data lakehouse. Wherever data lives, Starburst unlocks its full potential, powering data and AI from development to deployment.

By future‑proofing data architecture, Starburst helps businesses fuel innovation with AI.

About the Role:

As a Senior Cloud Security Engineer, you will be a key player in integrating security practices throughout the software development lifecycle. You will lead initiatives to design, implement, and automate security controls, ensuring the secure development and deployment of applications. This role requires a strong understanding of security principles, Dev Ops methodologies, and cloud environments, with a focus on continuous improvement and risk mitigation.

You will collaborate closely with development, operations, and security teams, and mentor junior engineers to foster a culture of security.

Responsibilities:

• Integrate security into the CI/CD pipeline, automating security controls and embedding security throughout the development lifecycle.

• Support, and maintain Application Security Testing (AST) tools (SAST, DAST, IAST, SCA) to identify code and dependency vulnerabilities.

• Conduct security assessments, vulnerability analysis, and penetration testing to identify and mitigate security risks.

• Develop and maintain secure infrastructure as code (IaC) scripts using tools like Pulumi, Terraform, or Cloud Formation.

• Implement and manage security tools and technologies such as SIEMs, IDS/IPS, firewalls, and endpoint protection.

• Monitor and respond to security incidents, performing root cause analysis and implementing corrective measures.

• Educate and train development and operations teams on secure coding practices and security tooling.

• Stay up to date with the latest security threats, trends, and technologies, and proactively address potential risks.

• Create and maintain documentation related to security policies, procedures, and standards.

• Participate in security audits and compliance initiatives to ensure adherence to industry regulations and standards.

• Provide thorough unit testing and automated testing to ensure a quality product is delivered.

• Improve, enhance, and support existing operations.

• Design, build, install, configure, and support production deployments.

• Manage the work of teams implementing Dev Ops solutions in complex projects.

Minimum Qualifications:

• Bachelor's degree in Engineering, Computer Science, Management Information Systems, or a related study, or equivalent experience.

• Minimum of 5+ years of professional experience in Dev Ops, security engineering, or a related field.

• Strong understanding of security principles and best practices, including threat modeling, risk assessment, and vulnerability management.

• Proficiency with Dev Ops tools and practices, including CI/CD pipelines, containerization (Docker, Kubernetes), and version control systems (Git).

• Solid understanding of cloud security concepts and experience with cloud platforms (AWS, Azure, Google Cloud).

• Strong scripting and automation skills using languages such as Python, Bash, or Power Shell.

• Experience with security tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, or similar.

• Experience in development with shell scripting such as Python, GoLang, etc.

• Expertise in the Linux operating system.

• Must be able to demonstrate innovation in problem‑solving.

• Clear communication with team members and product owners.

• Ability to effectively communicate technical findings to both technical and non‑technical stakeholders.

• Must follow and support agile methodologies and practices by actively participating in all SCRUM ceremonies.

• Must adhere to and develop best practices in software engineering.

Preferred Qualifications:

• Experience integrating Cloud Security Posture Management (CSPM) tooling with application security pipelines.

• Experience with…