Blackcloak6mo ago

USD 160000–170000/yr

Security Engineer (Product/Cloud Security)

United StatesRemoteFull Timemid

SecuritySecurity EngineerCybersecurity

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

BlackCloak’s mission is to protect corporate executives and high-profile individuals in their personal lives, mitigating risks to their families, companies, reputation, and finances.

Technical Tools

SecuritySecurity EngineerCybersecurity

BlackCloak’s mission is to protect corporate executives and high-profile individuals in their personal lives, mitigating risks to their families, companies, reputation, and finances. We defend our clients’ digital lives from hackers, privacy leaks, and identity theft. If you are passionate about helping to protect others, then keep reading - this may be your next great opportunity.

As a Security Engineer, you will be part of BlackCloak’s internal technology team supporting corporate security, information technology operations, and compliance. This is a critical role that is both hands-on and strategic, influencing and driving success for BlackCloak and its clients by designing, deploying, and supporting technology solutions for all areas of the business.

Application Security (Primary)

Champion application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools.

Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training.

Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture.

Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings.

Cloud & Infrastructure Security (Secondary)

Partner with Engineering, DevOps, to secure GCP, AWS environments

Leverage Cloud Security tools such as CNAAP, to remediate discovered misconfigurations, vulnerabilities, and triage of Cloud Security alerts.

Develop and implement secure infrastructure baselines, vulnerability management processes, secrets managements, IAM, and hardening standards within the cloud environment.

Incorporation of shift-left security tests and controls, into CI/CD pipelines

Help expand monitoring capabilities within tools such as SIEM, CNAAP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats

Zero Trust & Network Security (Support)

Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principles

Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne, Crowdstrike, as well as secure hardening standards into MDM

Support design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as; Google IDP, Okta, Auth0, Zitadel

Security Operations & Incident Response (Support)

Review, design, and implementation of new Security Tools - support administration across tools such as SIEM, EDR, CNAAP, Email Security, and others.

Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team.

Assist in development of new threat detections, playbooks, and automated response/remediation

Support triage and response of security alerts, as an escalation point from the broader team.

Participate in supporting security on-call rotation

3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environment

Experience building or contributing to a Secure SDLC program, leveraging application security tools, supporting security architecture reviews

Demonstrated experience securing public cloud environments, with a strong preference for Google Cloud Platform (GCP).

Experience building or contributing to a Secure SDLC program.

Hands-on experience with modern security tooling, including

SAST/SCA: Snyk, Checkmarx, Veracode, or similar.

CNAPP: Wiz, Prisma Cloud, or similar.

EDR: SentinelOne, CrowdStrike, or similar.

SIEM: Google SecOps, Splunk, or other modern platforms.

A solid understanding of Zero Trust, IAM principles and practical experience implementing solutions with tools like Cloudflare.

Proficiency in at least one scripting language (e.g., Python, Bash) to automate security tasks and processes.

Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams.

A proactive, "builder" mindset with a passion for improving processes, reducing risk.

Preferred Candidate will have:

Familiarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform).

Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSF

Familiarity with common application development languages such as Java or JavaScript

Understanding of system and architecture design principles, from code to cloud

Relevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA).

Listing Details

Posted: October 16, 2025
First seen: March 26, 2026
Last seen: April 22, 2026

Posting Health

Days active: 27
Repost count: 0
Trust Level: 51%
Scored at: April 22, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust

Apply for this position

Blackcloak

lever

BlackCloak is a leader in digital executive protection offering cybersecurity and privacy protections for high-profile individuals and corporate executives.

Employees

125

Founded

2018

Domain

blackcloak.io

Jobs

View 7 jobs

View company profile

Salary

USD 160000–170000

per year