Cloud Security Engineer

Requirements

• This is a deeply hands-on role for an engineer who has built and operated secure cloud platforms at scale and prefers solving security problems through code, systems design, and automation rather than policy alone
,
• Have built cloud security platforms or foundational infrastructure in AWS and GCP, not just consumed managed services
,
• Are deeply fluent in Terraform, including large-scale state management, module design, and safe rollout strategies
,
• Think in terms of secure systems and primitives, not one-off controls or point solutions
,
• Have strong opinions on cloud IAM and networking design, informed by real-world failures and incident response
,
• Are comfortable operating in ambiguous environments and defining long-term technical direction
,
• Prefer automation, code, and guardrails over documentation and manual review
,
• Can influence architecture through technical depth rather than organizational authority
,
• (Desirable) Experience designing multi-account AWS organizations or large GCP project hierarchies
,
• (Desirable) Familiarity with policy-as-code systems (OPA, custom policy engines, etc.)
,
• (Desirable) Experience with cloud-native detection and posture tools, including tuning signal-to-noise
,
• (Desirable) Background in high-growth startups or infrastructure-heavy platforms
,
• You thrive in fast-paced environments. You are high-intensity and care a lot about what you do, and you're ecstatic to work at a startup
,
• You are ambitious. You have fun solving problems that others think are impossible
,
• You are curious. You find joy in learning about AI, technology, and finance
,
• You are an owner. You are autonomous, self-directed, and comfortable working with ambiguity
,
• You are collaborative, organized, thoughtful, and kind

• Rogo is hiring a Cloud Security Engineer to lead the design and implementation of cloud security architecture across AWS and GCP
,
• You will own the technical direction of cloud security at Rogo: designing secure primitives, authoring Terraform at scale, shaping identity and network architecture, and embedding security into the core platform
,
• You will operate as a senior technical leader while remaining highly tactical, writing production code, reviewing infrastructure changes, and unblocking teams with pragmatic security solutions
,
• Architect and implement cloud security foundations across AWS and GCP, including account/project structure, IAM models, network segmentation, and secure service-to-service communication
,
• Own and author Terraform-based security architecture, including:
,
• Reusable, opinionated Terraform modules for IAM, networking, logging, and encryption
,
• Policy enforcement and guardrails that prevent insecure infrastructure from being deployed
,
• Secure defaults embedded directly into infrastructure primitives
,
• Design and operate cloud identity systems at scale, including workload identity, service accounts, role assumption, and cross-cloud access patterns
,
• Lead the security design of cloud networking, including VPC architecture, private connectivity, egress control, firewalling, and isolation boundaries
,
• Build and maintain security automation across CI/CD and cloud environments, eliminating manual processes and reducing operational risk
,
• Own Kubernetes and container security for production workloads (GKE/EKS), including cluster hardening, RBAC, workload identity, image security, and runtime controls
,
• Define and implement logging, monitoring, and detection pipelines that provide high-signal visibility into cloud security posture and incidents
,
• Perform threat modeling and architectural reviews for new infrastructure and platform changes, driving security decisions with technical authority
,
• Act as a technical multiplier: reviewing critical infrastructure changes, mentoring engineers, and raising the overall security bar across the organization