**Security Engineer II - Cloud Security** **US - Remote** **JR103846** **About the Team** HashiCorp’s Cloud Infrastructure & Platform Security team is responsible for the security of HashiCorp’s cloud - both our cloud service provider (AWS, Azure, GCP) environments and our underlying HCP platform (https://www.hashicorp.com/cloud) infrastructure.This is a fully remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy. **What you’ll do** This role provides a great opportunity for those who are **passionate about advancing our security posture in a multi-cloud estate** , those **passionate about building scalable software to solve security problems** , and, especially, those who are passionate about both. As a member of the team, you’ll help: + Define insightful metrics to further guide our cloud security posture and progress. + Ensure we have best practices implemented across our multi-cloud environment. + Partner with engineering and other stakeholders to define and drive secure-by-default environments supporting our products and the enterprise. + Develop tooling to drive our cloud security program forward. **What you’ll need (basic qualifications)** + You have a broad understanding of the fundamentals of AWS security. It’s a plus if you can explain their policy evaluation logic (https://docs.aws.amazon.com/images/IAM/latest/UserGuide/images/PolicyEvaluationVerticalRCP.png) . + You find topics like Building a Data Perimeter on AWS (https://docs.aws.amazon.com/pdfs/whitepapers/latest/building-a-data-perimeter-on-aws/building-a-data-perimeter-on-aws.pdf#document-revisions) interesting. + You have 3+ years of software development experience (Go and/or Python preferred). + You have experience codifying infrastructure and deployment pipelines (Terraform and GitHub Actions preferred). + You have strong written and verbal communication skills and have experience articulating security risk to stakeholders across an organization. + You are able to seek out opportunities for a high-degree of positive impact and outline paths forward without explicit direction. + You agree with, understand, and consistently display the principles of HashiCorp (https://www.hashicorp.com/our-principles) in your interactions and in your work. **What’s nice to have (preferred qualifications)** + You have a broad understanding of the fundamentals of Azure security. + You have experience utilizing Azure Policies (https://learn.microsoft.com/en-us/azure/governance/policy/overview) to enforce security standards across an Azure tenant. \#LI-REMOTE