← Back to jobs

Sr. Cloud Security Engineer - FedRamp (Dallas, TX)

zimperium
Posted
Nov 07, 2025
Location
Dallas, Texas
Type
Remote
Category
IT
Source
Lever
Verification
⚠ Unverified — apply with caution

Overview

Zimperium® is an industry leader in enterprise mobile security, being the first and only company to provide a complete mobile threat defense system that offers real-time, on device world-class protection against both known and unknown next generation of advanced mobile cyberattacks and malware. Our MTD and award-winning machine learning-based engine protects against device, network, phishing and application attacks for IOS, Android and Windows devices, using a non-intrusive approach to always protect privacy of users.   Position Summary:   We are seeking a highly experienced and self-directed Senior Cloud Security Engineer to join our team. This critical role is responsible for designing, implementing, and maintaining robust security controls across our multi-cloud environment. The ideal candidate will possess deep technical knowledge, a proactive, automation-first mindset, and the ability to operate independently, taking full ownership of security responsibilities in a fast-paced environment. Location: Dallas, TX Key Responsibilities: Multi-Cloud Security Architecture: Design, implement, and manage security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments. Infrastructure as Code (IaC) & Automation: Act as the subject matter expert for security automation, leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale. System Hardening: Implement and enforce rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across all compute environments, including various flavors of Linux and Kubernetes clusters. Security Tooling & Operations: Configure, manage, and optimize cloud-native and third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls. Application & Network Defense: Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF solutions, to protect critical applications. DevSecOps & Pipeline Security: Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines to enable "shift-left" security practices. Secrets and Key Management: Design and maintain solutions for the secure storage and rotation of credentials, API keys, and secrets using tools like HashiCorp Vault or equivalent cloud-native services. Risk & Design Review: Conduct threat modeling and perform security reviews for new applications and services to proactively identify and mitigate risks in the design phase. Incident Response & On-Call: Participate in a rotating on-call schedule to address security incidents and operational issues promptly. Compliance & Reporting: Support internal and external audits by generating evidence, writing detailed reports, and delivering clear, concise technical presentations to leadership. Leadership & Mentorship: Operate with minimal oversight, taking the initiative to identify and suggest security improvements and drive projects to complet

Apply on Lever →