Architectural Leadership: Partner deeply with infrastructure and engineering teams to embed security into development workflows, leading high-level technical discussions to guide security efforts and strategic priorities. - Multi-Cloud Engineering: Design, implement, and continuously improve Sigma Cloud Security across AWS, GCP, and Azure environments with architect-level technical depth. - Threat Modeling & IR: Conduct cloud threat modeling and demonstrate hands-on experience in Cloud Incident Response, including investigating and remediating malicious activity within cloud environments. - Identity & Access: Build IAM and privileged access strategy (RBAC/ABAC, federation, least privilege, cross-account access), eliminating standing privilege and long-lived credentials. Develop and enforce IAM best practices, including zero-trust models and privileged access controls across IaaS and SaaS. - including classification, encryption/KMS, masking/tokenization, access governance, retention/deletion, and exfiltration risk reduction across APIs and data pipelines. - for recurring cloud misconfigurations, drift, and policy violations to reduce manual effort and response time. - Deploy and manage cloud-native services (CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security). - Review and apply zero-trust principles through strict network segmentation, authentication, and authorization. - Develop sophisticated signatures/rules for cloud security and automate detection and response workflows. - Use AI securely and effectively to scale security practices and improve team efficiency. - Stay ahead of threats by leveraging intelligence, attack simulation, and red/blue team learnings. ###
Drive cloud data security controls
Develop automated remediation workflows
Security Stack Management:
Network Defense:
Automation:
AI :
Continuous Evolution:
What We’re Looking For
Minimum 7+ years in Security roles with at least 5+ years focused on Cloud security engineering,IAM, and Data security
Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related field. - Deep technical expertise in cloud architectures AWS/Azure/GCP; including IAM, networking (VPCs, security groups, PrivateLink), and native security services is strongly desired. - Strong infrastructure-as-code skills—you write Terraform professionally, not just read it. - Advanced understanding and experience with container security, Kubernetes, and secure CI/CD pipeline design
Proven ability to demonstrate incident response experience specifically related to cloud-based malicious activity and breach remediation. - Advanced Cloud IAM expertise: federation, SSO, PAM/JIT access, service identities, and least privilege design. - Strong background in cloud network security (segmentation, private connectivity, egress controls, WAF). - Strong proficiency in scripting languages (e.g., Python, Go, PowerShell) for automation, data analysis, and security tooling development. - Strong knowledge of security platforms such as CNAPP (Wiz), WAF (Cloudflare), SASE (Netskope)
Demonstrated ability to lead cloud/saas architecture reviews and influence senior engineering stakeholders. - Experience securing data platforms (nice to have) - Snowflake, Databricks, BigQuery etc. - Experience in high-growth SaaS or data platforms Organizations (nice-to have)
Prior experience in Platform Engineering, DevSecops or similar (nice-to have)
Certifications (Preferred): Professional-level cloud certifications are required, such as:
AWS: Certified Security – Specialty or Solutions Architect – Professional. - GCP: Professional Cloud Security Engineer or Professional Cloud Architect. - Azure: AZ-500 (Security Technologies) or AZ-305 (Solutions Architect). Why Sigma?
At Sigma, security is at the core of our mission. We power insights and innovation for our customers, and protecting their data is our highest priority. As a Senior Security Engineer, you will have the autonomy to shape our Security Engineering strategy, access to cutting-edge technologies, and the opportunity to solve real problems at scale. Join us and be part of a security team that values collaboration, innovation, and resilience—while giving you the room to grow, lead, and leave your mark on Sigma’s security journey. Additional Job details
The base salary range for this position is $210k - $240k annually. Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Sigma Computing. This role is eligible for stock options, as well as a comprehensive benefits package. #### Benefits For Our Full-Time Employees:
Equity
Generous health benefits
Flexible time off policy. Take the time off you need! We look forward to learning how your experience can enable all of us to grow*.*
Note: We have an in-office work environment in all our offices in SF, NYC, and London.
Our Privacy Practices
When you submit a job application on this site, Sigma processes your personal data for the purposes of evaluating your candidacy for employment at Sigma and as otherwise needed throughout the recruitment and hiring process. Please review Sigma’s Candidate Privacy Notice for more details. Please note that your personal data may be transferred to a country other than the one in which it was provided (including to USA, the UK, and Canada). Sigma’s use of AI
This hiring process utilizes artificial intelligence tools to assist in candidate screening and assessment. Our AI tools are designed to complement, not replace, human decision-making.
