Cloud Security Engineer

About the role

We are looking for an experienced Cloud Security Engineer to join Hex’s security team. You will be responsible for ensuring the security and resilience of our cloud infrastructure, providing leadership in cloud security practices, and collaborating closely with our infrastructure and engineering teams to secure our cloud-native applications.

About the role:

• Design, implement, and manage security solutions and controls for AWS environments and Kubernetes clusters, including appropriate isolation/sandboxing methods for Hex’s RCE-as-a-Service platform
• Build, deploy, and maintain infrastructure-as-code using Terraform, ensuring robust security standards are enforced.
• Conduct security assessments, threat modeling, and audits on AWS cloud infrastructure and Kubernetes deployments.
• Collaborate with development and operations teams to embed security best practices into CI/CD pipelines.
• Monitor and respond to cloud security incidents, identifying root causes and recommending remediation actions.
• Provide expertise in compliance requirements related to cloud security (e.g., SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS).
• Mentor engineers and advocate for cloud security across the organization.

About you:

• 5+ years of experience in cloud security engineering, with extensive expertise in AWS.
• Demonstrated proficiency with Kubernetes security including cluster hardening, role-based access control (RBAC), network policies, and container vulnerability management.
• Expert-level knowledge and hands-on experience with Terraform.
• Familiarity with AWS security services (e.g., IAM, GuardDuty, Security Hub, CloudTrail, WAF).
• Familiarity with CNAPP solutions such as Wiz
• Familiarity with SIEM solutions such as Panther
• Solid understanding of secure software development lifecycle practices, CI/CD security, and DevSecOps methodologies.

Our Engineering team

We’re a group of engineers who are forging new ground together and love partnering with Security on our journey to pull ahead of our competition. You can read about how we think through problems as well as how we learn from mistakes on our blog here:

• How we took down production…
• Beyond Linear Notebooks
• A pragmatic approach to live collaboration

Our Tech Stack

app.hex.tech runs on AWS:

• EKS
• RDS (Postgres)
• EC2
• S3

app.hex.tech uses:

• Node.js
• TypeORM
• Apollo GraphQL
• React
• Redux
• … and more

app.hex.tech is written in:

• TypeScript
• Python
• Node
• Terraform

In addition to our unique culture, Hex proudly offers a competitive total rewards package, including but not limited to, market-benched salary & equity, comprehensive health benefits, and flexible paid time off.

About Hex

Hex is growing our team of builders on a mission to make everyone a data person. Our platform solves key pain points with today's data and analytics tooling, and empowers anyone to explore data using natural language, with or without code, on trusted context. Thousands of customers like Ramp, Figma, Stubhub, Anthropic, and Gamma love Hex for our beautiful UI, agentic superpowers, and boundless flexibility.

Hex has raised over $100M from leading investors like Sequoia, a16z, Snowflake and Amplify. With office hubs in San Francisco and New York, as well as remote team members throughout the US and UK, we're a high-agency team that ships fast and has fun doing it. Check out our Intro to Hex video and employee handbook to learn more about what it's like to work at Hex.