Apply on Employer Site

Zimperium · 1 day ago

Sr. Cloud Security Engineer - FedRamp (Dallas, TX)

Dallas, TX

Full-time

Hybrid

Senior Level, Lead/Staff

8+ years exp

Zimperium is an industry leader in enterprise mobile security, providing a complete mobile threat defense system against advanced mobile cyberattacks. They are seeking a highly experienced Senior Cloud Security Engineer to design, implement, and maintain security controls across a multi-cloud environment, ensuring robust protection and compliance.

AppsEnterprise SoftwareNetwork SecuritySecurity

Comp. & Benefits

H1B Sponsor Likely

Responsibilities

Multi-Cloud Security Architecture: Design, implement, and manage security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments

Infrastructure as Code (IaC) & Automation: Act as the subject matter expert for security automation, leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale

System Hardening: Implement and enforce rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across all compute environments, including various flavors of Linux and Kubernetes clusters

Security Tooling & Operations: Configure, manage, and optimize cloud-native and third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls

Application & Network Defense: Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF solutions, to protect critical applications

DevSecOps & Pipeline Security: Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines to enable 'shift-left' security practices

Secrets and Key Management: Design and maintain solutions for the secure storage and rotation of credentials, API keys, and secrets using tools like HashiCorp Vault or equivalent cloud-native services

Risk & Design Review: Conduct threat modeling and perform security reviews for new applications and services to proactively identify and mitigate risks in the design phase

Incident Response & On-Call: Participate in a rotating on-call schedule to address security incidents and operational issues promptly

Compliance & Reporting: Support internal and external audits by generating evidence, writing detailed reports, and delivering clear, concise technical presentations to leadership

Leadership & Mentorship: Operate with minimal oversight, taking the initiative to identify and suggest security improvements and drive projects to completion

Qualification

Cloud Security EngineeringInfrastructure as CodeSystem HardeningSecurity ToolingDevSecOpsSecrets ManagementLinux AdministrationWAF SolutionsCommunication SkillsLeadership

Required

8+ years of progressive experience in IT, with at least 5 years dedicated to Cloud Security Engineering in a multi-cloud environment

Expert-level proficiency in Infrastructure as Code (IaC) for security automation using Terraform and/or CloudFormation

Deep practical experience securing at least three of the following major cloud providers: AWS, Azure, GCP, and OCI

Proven expertise in system hardening using industry standards like CIS Level 2 and DISA STIGs

Extensive experience with Linux administration and securing containerization technologies, specifically Kubernetes

Hands-on experience with advanced security platforms, including at least two of the following: Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls

Demonstrated experience with WAF solutions, such as F5 or equivalent cloud-native services

Strong working knowledge of DevSecOps principles, including integrating security tools into CI/CD pipelines

Proven experience with Secret Management solutions (e.g., HashiCorp Vault, AWS Secrets Manager)

Excellent written and verbal communication skills, including the ability to write executive-level reports and deliver technical presentations

Proven ability to operate independently and take ownership of critical responsibilities

Preferred

Experience working within highly regulated environments, such as FedRAMP, DoD, or similar government/financial sectors

Demonstrated experience with implementing and maintaining controls for security frameworks such as ISO 27001 and SOC 2

Experience conducting formal threat modeling and risk analysis

Experience gained from both a large enterprise environment (for process and scale) and a fast-paced startup/tech company (for agility and innovation)

Relevant industry certifications (e.g., CISSP, CCSP, AWS/Azure/GCP Security Specializations)

Company

Zimperium

Zimperium is a mobile security startup that offers protection for mobile devices against the next generation of advanced mobile attacks.

Founded in 2010

Dallas, Texas, USA

201-500 employees

https://www.zimperium.com

H1B Sponsorship

Zimperium has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (11)

2024 (6)

2023 (5)

2022 (11)

2021 (6)

2020 (8)

Funding

Current Stage

Growth Stage

Total Funding

$72M

Key Investors

Sierra VenturesSoftBankWarburg Pincus

2022-03-28Acquired

2018-11-16Series Unknown· $12M

2017-03-07Series Unknown· $15M

Leadership Team

Shridhar Mittal

CEO

Jon Paterson

Chief Technology Officer

Recent News

Techlusive India

Android Phones Hit By New DroidLock Malware That Locks Users Out And Demands Ransom

2025-12-13

Mirror.co.uk

Urgent Android alert as new bug 'permanently destroys' files and locks users out of phones

2025-12-12

TechJuice

New DroidLock Android Malware Locks Phones and Demands Ransom

2025-12-12

Company data provided by crunchbase