remote

Senior Staff Engineer, Cloud Security

Epic Games is seeking a Senior Staff Engineer, Cloud Security to define and drive cloud security strategy across their products and platforms. This role involves designing and implementing advanced security controls, developing automation, conducting threat modeling, and integrating security into the SDLC for cloud-native environments.

About the role

About the Role

Epic Games is looking for a Senior Staff Engineer, Cloud Security. The ideal candidate will have extensive experience in designing, implementing, and maintaining robust security solutions for cloud-native environments. You will be responsible for defining and driving the cloud security strategy across Epic's various products and platforms, ensuring the confidentiality, integrity, and availability of our systems and data.

What You'll Do

Design and implement advanced security controls and architectures for cloud platforms (AWS, Azure, GCP).
Develop and enforce security best practices across our cloud infrastructure and applications.
Lead the development of security tools and automation to enhance our security posture.
Conduct threat modeling, vulnerability assessments, and penetration testing of cloud environments.
Collaborate with engineering teams to integrate security into the SDLC (Secure Development Lifecycle).
Respond to security incidents and participate in post-incident analysis.
Mentor junior security engineers and promote a culture of security within the organization.
Stay up-to-date with the latest cloud security trends, threats, and technologies.
Drive the adoption of DevSecOps principles and practices.

What We're Looking For

10+ years of experience in information security, with a strong focus on cloud security.
Deep expertise in at least one major cloud provider (AWS, Azure, or GCP).
Experience with container orchestration technologies like Kubernetes.
Proficiency in programming languages such as Go, Python, JavaScript, Rust, or Java.
Strong understanding of network security, identity and access management, data protection, and incident response.
Experience with security automation and infrastructure as code.
Excellent communication and leadership skills.
Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

Nice to Have Skills

Experience with multiple cloud providers.
Familiarity with various operating systems (Linux, Windows, macOS, Android, iOS).
Knowledge of database security (SQL, NoSQL).
Experience with compliance frameworks (e.g., SOC 2, ISO 27001).
Certifications such as CSSLP, CCSP, AWS/Azure/GCP Security Specialty.

About the role

About the Role

What You'll Do

Design and implement advanced security controls and architectures for cloud platforms (AWS, Azure, GCP).
Develop and enforce security best practices across our cloud infrastructure and applications.
Lead the development of security tools and automation to enhance our security posture.
Conduct threat modeling, vulnerability assessments, and penetration testing of cloud environments.
Collaborate with engineering teams to integrate security into the SDLC (Secure Development Lifecycle).
Respond to security incidents and participate in post-incident analysis.
Mentor junior security engineers and promote a culture of security within the organization.
Stay up-to-date with the latest cloud security trends, threats, and technologies.
Drive the adoption of DevSecOps principles and practices.

What We're Looking For

10+ years of experience in information security, with a strong focus on cloud security.
Deep expertise in at least one major cloud provider (AWS, Azure, or GCP).
Experience with container orchestration technologies like Kubernetes.
Proficiency in programming languages such as Go, Python, JavaScript, Rust, or Java.
Strong understanding of network security, identity and access management, data protection, and incident response.
Experience with security automation and infrastructure as code.
Excellent communication and leadership skills.
Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

Nice to Have Skills

Experience with multiple cloud providers.
Familiarity with various operating systems (Linux, Windows, macOS, Android, iOS).
Knowledge of database security (SQL, NoSQL).
Experience with compliance frameworks (e.g., SOC 2, ISO 27001).
Certifications such as CSSLP, CCSP, AWS/Azure/GCP Security Specialty.