About Us
HiBob helps modern, mid-size businesses transform the way they manage people, giving HR and managers all they need to connect, engage, develop, and retain top talent. Since 2015, we’ve achieved consecutive triple-digit year-over-year growth, all backed by our amazing team of Bobbers from across the globe, making us the choice HRIS of over ~5500 midsize and multinational companies.
Our HR platform is intuitive, data-driven, and built for the way people work today: globally, remotely, and collaboratively. Fast-growing companies across the globe such as Monzo, Happy Socks, Fiverr, and VaynerMedia rely upon Bob to help them create the best work experiences for their people.
Come and be you with us
Being a Bobber is all about being you. We want you to bring all parts of yourself to work, giving you the freedom and confidence to be the best you and do your best work. If that’s bubbly, shy, precise, funny, bold, kind, honest, brilliant, or anything in between, we’re waiting with open arms. Come join us.

We are looking for a highly skilled Cloud Security Engineer who can embed security across cloud infrastructure, CI/CD pipelines, applications, and AI-enabled environments. This role is ideal for someone with deep hands-on experience in cloud security, automation, and secure software delivery, combined with growing or strong specialization in AI/ML security, LLM security, and modern data platform protection.

The ideal candidate will help design, implement, and scale security controls across our cloud-native ecosystem while partnering closely with engineering, platform, data, and AI teams to ensure security is built into every stage of development and deployment.

• Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or a related field, or equivalent practical experience

• 3+ years of experience in cloud security, DevSecOps, application security, or infrastructure security roles

• Strong hands-on experience with at least one major cloud platform: AWS, Azure, or GCP

• Practical experience with containers, Kubernetes, Terraform, and CI/CD tools such as GitHub Actions, GitLab CI, Jenkins, or similar

• Strong understanding of security engineering principles including IAM, network security, encryption, logging, secrets management, and vulnerability management

• Experience implementing security tooling in engineering workflows

• Scripting or coding experience in Python, Bash, or Go

• Strong communication skills and ability to work cross-functionally with engineering and platform teams

Preferred Qualifications

• Experience securing AI/ML platforms, MLOps pipelines, or LLM-based applications

• Familiarity with AI security topics such as prompt injection, model security, data poisoning, adversarial ML, privacy risks, and AI governance

• Experience with security in cloud-native architectures, microservices, and distributed systems

• Experience with SIEM, CSPM, CNAPP, EDR, or cloud workload protection platforms

• Relevant certifications such as:

AWS Security Specialty

Google Professional Cloud Security Engineer

CISSP, CCSP, or Kubernetes security certifications

Technical Skills

Cloud platforms: AWS / Azure / GCP

DevSecOps tools: SAST, DAST, SCA, IaC scanning, container scanning

Infrastructure and orchestration: Terraform, Docker, Kubernetes

CI/CD: GitHub Actions, GitLab, Jenkins, ArgoCD

Security concepts: IAM, zero trust, secrets management, encryption, logging, incident response

• Design, implement, and manage security controls across cloud environments such as AWS, Azure, or GCP

• Secure cloud infrastructure, Kubernetes clusters, containers, storage, networking, IAM, and secrets management

• Define and enforce cloud security baselines, guardrails, and best practices using infrastructure-as-code and policy-as-code

• Monitor cloud environments for misconfigurations, threats, and anomalous behavior, and drive remediation efforts

• Support incident response, threat detection, vulnerability management, and post-incident reviews for cloud systems

• Integrate security into CI/CD pipelines and software delivery processes

• Implement automated security testing such as SAST, DAST, SCA, container scanning, IaC scanning, and secrets detection

• Partner with engineering teams to improve secure SDLC practices and reduce security friction

• Build reusable security automation and self-service controls for developers and platform teams

• Collaborate with DevOps, SRE, and engineering teams to harden deployment pipelines and production environments

• Partner with AI and data teams to secure AI/ML workflows, model development, and deployment pipelines

• Define security controls for LLM applications, training data, vector databases, APIs, model endpoints, and agent-based systems

• Help assess and mitigate AI-specific risks such as prompt injection, model abuse, sensitive data leakage, insecure plugins/tools, supply chain risks, and unauthorized model access

• Contribute to governance and best practices for responsible and secure AI adoption

• Support risk assessments and security reviews for AI-enabled products and internal AI tooling