Security Engineer, Cloud

Vercel is the agentic infrastructure company. We free people and agents to ship what’s next.

For more than a decade, Vercel has shaped how the web is built. As the team behind Next.js, v0, and AI SDK, we create products that help builders move from idea to production with speed, security, and exceptional developer experience.

Now, software is entering a new era, and the next generation of products will not just be used by people. They will be built, extended, and operated by agents.

We are building the platform for that future, trusted by companies like OpenAI, PayPal, Ramp, Supreme, and millions of developers worldwide. Whether you’re building our products, supporting our customers, growing our community, or shaping our story, you’ll help define what comes next.

We're looking for a Security Engineer to join our Cloud Security Engineering team. In this role, you'll help strengthen the security of our platform by building and improving the controls that protect our infrastructure. You'll play a key role in making security a core part of how we build, deploy, and scale our systems, while helping the company grow securely and confidently.

You'll report to the Security Operations Manager, and this is a hybrid or fully remote within the United States. If you're based within commuting distance of our SF or NY offices, the role includes in-office anchor days on Monday, Tuesday, and Friday.

• →Design and implement scalable security controls across our cloud-native platform.
• →Harden infrastructure components using infrastructure-as-code, policy enforcement, and service isolation.
• →Build secure by default infrastructure and code CI/CD pipelines.
• →Collaborate with platform and infrastructure teams to integrate security best practices into architecture and workflows.
• →Stay ahead of cloud security trends and adopt cutting-edge technologies to enhance platform resilience.
• →Conduct threat modeling, risk analysis, and mitigation planning for critical systems.
• →Drive improvements in monitoring, detection, and incident response at the platform level.
• →Build, deploy and maintain relevant tooling.

• 8+ years of experience in infrastructure or platform security roles.
• Deep understanding of secure cloud infrastructure (AWS/GCP), identity and access management, and system hardening.
• Proficient with tools like Terraform, CDK, Kubernetes, and CI/CD security.
• Skilled at balancing engineering realities with principled security practices.
• Proven track record of shipping secure, resilient systems at scale.

• Have built or scaled security automation pipelines.
• Contributed to open-source security projects or tools.
• Hold certifications such as GCP Security Engineer, AWS certifications, CISSP, or OSCP.
• Hold a bachelors or masters degree in Cybersecurity or similar disciplines.