We're looking for a Senior infrastructure Security Engineer with a strong focus on cloud security, particularly within Google Cloud Platform (GCP). The ideal candidate should have in-depth expertise in data and infrastructure security in cloud environments, using GCP tools and technologies. As a vital member of our security team, you'll work across functions to proactively prevent, detect, and respond to threats against our cloud-based infrastructure. Join our expanding team of skilled security professionals dedicated to innovating and securing Prosper's cloud platforms, utilizing state of the art security tools for the benefit of our customers and employees.
How you'll make an impact
Take ownership of cloud security work across GCP and Azure, from design through day-to-day execution, working closely with infrastructure, platform, data, and application teams
Run our data security and vulnerability management efforts, including DLP, sensitive data discovery, and remediation tracking across both cloud environments
Build and maintain security automation using IaC (Terraform) and CI/CD pipelines so security controls are consistent, auditable, and easy for engineering teams to adopt
Own and evolve our cloud security posture tooling (Wiz) tuning policies, investigating real risks, cutting down noise, and driving fixes that actually reduce exposure
Regularly review cloud configurations, identify gaps, and fix issues before they turn into incidents, while owning infrastructure security controls tied to PCI and SOC 1/2
Write and maintain clear cloud security standards and runbooks that engineers can actually follow
Improve detection and response by building practical detections and response playbooks in Chronicle SIEM
Act as a senior escalation point during incidents, helping teams triage, contain, and resolve cloud security issues
Mentor other engineers and help raise the overall security bar without creating friction or silos
Skills that will help you thrive
A minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree
Hands-on cloud or infrastructure security experience, with real production experience in both GCP and Azure
Experience with security assessments, security design reviews, or threat modeling
Strong understanding of cloud fundamentals; IAM, networking, logging, monitoring, encryption and how security failures actually happen in cloud environments
Experience delivering comprehensive security solutioning through design, coding, configuration and deployment
Solid Python skills for automation, integrations, and reducing manual security work
Practical experience using Terraform and security-as-code, including integrating security checks into CI/CD pipelines
Hands-on experience with Wiz or similar CNAPP tools, with the ability to distinguish real risk from noise and drive remediation
Experience writing or tuning detections in Chronicle SIEM and understanding how cloud threats show up in logs
Background in vulnerability management, including prioritization, remediation tracking, and working with engineering teams to get fixes shipped
Familiarity with penetration testing and using findings to improve systems, not just generate reports
Ability to explain risk clearly to engineers without jargon
Comfortable owning and driving projects end-to-end as an Individual Contributor or with a team, leveraging a highly collaborative environment
Resources to help you prosper
A connected experience:We prioritize high-touch collaboration and flexibility. Whether you are working from our San Francisco or Phoenix offices or joining us as a fully remote team member, we provide the digital-first tools and intentional culture to keep you synced and supported
Invested in your future:A competitive salary and a 401(k) with a 5% company match to help you build long-term financial security
Holistic well-being:We provide the resources you need to thrive, from flexible time off and paid parental leave to an annual wellness allowance and comprehensive health coverage
Professional & personal growth:Take advantage of a suite of premium perks, including Udemy access, childcare assistance, pet insurance, and a bevy of additional savings through Beneplace
Interview Process
Recruiter Call: A brief screening to discuss your experience and initial questions.
Department Interview: Deeper dive into technical skills and project alignment with the Hiring Manager or team member.
Team/Virtual Interview: Meet team members for collaborative discussions, problem-solving, or technical exercises.
Final Round: Discussion with a department head/executive.
