Remote, Long Beach, CA, US

Job Term


Company Website

About the role and about You:

The Zwift Information Security Team is looking for a Cloud Security Engineer to help build and grow security operations for our cloud based services platform. You will champion security due diligence efforts, plan security integrations, and collaborate with cloud and engineering teams to ensure resilient security-focused architecture. You will partner with key project stakeholders to review technology proposals, identify key security impacts, implement actionable plans to achieve remediation of security threats, and dive deep into tactical security aspects of a cloud-based containerized service built from the ground up. Cloud Security Engineers oversee and influence cross-functional teams with a keen focus on security due diligence and integration. 

Successful Cloud Security Engineers at Zwift are self-starters, able to work autonomously in ambiguous environments, and collaborative natural problem solvers with experience automating and integrating disparate technologies. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cloud and containerized security threats, the ability to influence people from customers to managers through technical solutions, and the desire to be an integral contributor to securing Zwift’s systems and services technology platforms.

The Zwift Information Security Team is responsible for the security and availability of all services offered by Zwift, as well as providing security support for teams leveraging those services. This team works with service teams to design and build secure solutions, participate and coordinate cross-organization security initiatives, review and audit proposed technologies and services, and solve security challenges at scale. This is an exciting and visible role – you will directly influence the security postures for Zwift products and services. 

What you’ll do:

● Collaborate with Engineering teams across Zwift to build and validate secure and scalable
containerized architectures in the cloud.
● Implement information security controls and patterns that support risk assessments and the
development of secure architectures.
● Collaborate with engineering teams to drive product roadmaps, by providing security
requirements that map security controls to service features.
● Identify and mitigate risks throughout our corporate and production environments.
● Provide continuous technical support and escalation management for security related issues
throughout Zwift.

● Identify opportunities for process improvement, including the development and implementation of
internal security tools, tactics, and procedures.
● Provide security related guidance and documentation.

What you'll have:

  • Bachelor's Degree in Computer Science, Information Security, or a related field (or 4 years equivalent experience)
  • 5+ years of hands-on experience securing container based infrastructures.
  • 5+ years of experience in Cloud Security Engineering roles, strong familiarity with the principles of DevOps, DevSecOps and Agile development.
  • 5+ years of hands-on experience securing cloud applications and infrastructure in AWS.
  • Proficient in Infrastructure as Code (IaC) languages such as Terraform
  • Understanding and experience with CI/CD security and its implementation
  • Understanding of security vulnerabilities, attacker exploit techniques and methods for remediation of such.
  • Excellent understanding/working knowledge of the public cloud infrastructure and services in AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, etc.).
  • Excellent understanding of Docker and container orchestration with Kubernetes and experience running production Kubernetes clusters in Amazon EKS with a focus on Security
  • Experience implementing and leveraging centralized logging and monitoring solutions such as Elasticsearch, Kibana, Fluentd, Influxdb, Prometheus, Grafana etc.
  • Experience communicating technical concepts to a non-technical audience.
  • Demonstrated experience in areas such as system security, network, and/or application security experience.
  • Understanding of best practices in one or more Cloud Security Engineering specialties: secure development, cryptography, network security, security operations, systems security, policy, and incident response.
  • Experience with scripting and automation (Python, Go, JS, C, C++, Java, Ruby, or PowerShell)
  • Socially confident with good organization, communication, and presentation skills.
  • Self-starter with good analytical skills and a proactive approach to problem-solving.
  • Prior working experience in or with a Software Development or Security Consulting Team is a plus.

The base salary for this position ranges between $112,000 - $152,000. The base salary will be based on a number of factors including the role offered, the individual's job-related knowledge, skills, qualifications, and geographic location. In addition to base salary, Zwift is proud to offer a comprehensive and competitive benefits package for all eligible employees which also includes performance bonuses, equity, and a full range of medical, financial, and other perks and benefits.



How to stand out among the rest:

Your resume/CV is enough to show off your skills, accomplishments, and experience. However, if you choose to include a cover letter introducing us to your awesome personality, we will read that too.

We strongly believe that different backgrounds and ideas are a competitive advantage; we hire candidates of any race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family status, disability, Veteran status, and any other status. Zwift is proud to be an Equal Opportunity Employer. If you have a disability or special need that requires accommodation, please let us know by emailing careers[email protected] 

Zwift, Inc. is an Equal Opportunity Employer.

Transparency in Coverage: 

Health plan price transparency is designed to help consumers know the cost of covered items or healthcare-related services prior to the date upon which they receive care. Transparency in Coverage (TIC) regulations require health insurers and group health plans to create machine readable files (MRFs) that contain the negotiated rates for in-network providers and allowed amounts derived from historical claims for out-of-network providers and make those files publicly available.

Here is the link to the site on which Kaiser Permanente posts its in-network and out-of-network allowed amount machine-readable files (MRFs).

Here is the link to the site on which Anthem posts  its in-network and out-of-network allowed amount machine-readable files (MRFs). The link will allow you to search for your files using your Employer Identification Number (81-2798595)

Apply now