[Remote] Cloud Security Engineer`
Note: The job is a remote job and is open to candidates in USA. Virta Health is on a mission to reverse metabolic disease in one billion people through innovations in technology and personalized care. They are seeking a Cloud Security Engineer to lead the application security program, ensuring security is integrated into the development lifecycle and protecting sensitive health information.ResponsibilitiesOwn and Enhance Security Design: Assess our current security controls within GCP and Kubernetes, identify areas for improvement, and drive the maturation of our security posture from good to greatChampion Secure Development: Partner closely with Engineering, Product, and Platform teams to integrate security best practices early and often ("shift-left") into the software development lifecycleBuild and Automate: Design, implement, and manage security tooling and automation to streamline vulnerability detection, remediation, and compliance verification. Replace manual processes with efficient, automated solutionsRefine Access Control: Evolve our identity and access management (IAM) strategy, ensuring least-privilege access and robust auditing capabilities across our systemsStrengthen Network Security: Continuously improve our network security architecture, policies, and controls within our cloud environmentDevelop Clear Standards: Establish, document, and communicate practical security policies, standards, and guidelines for engineering teamsLead Security Initiatives: Drive vulnerability management efforts and enhance our incident response preparedness, ensuring we are ready to handle potential threats effectivelyCultivate Security Awareness: Act as a security evangelist, promoting security awareness and best practices throughout the engineering organizationSkillsUnderstanding and practical experience in securing cloud-native applications and infrastructure, particularly in Kubernetes environments. GCP experience is strongly preferredStrong grasp of networking concepts, identity management (IAM), encryption, and common web application vulnerabilities (e.g., OWASP Top 10)Excellent communication skills with the ability to clearly articulate complex security concepts to diverse audiences and influence technical direction across teamsSignificant hands-on experience in application security, including threat modeling, secure coding practices, vulnerability management, and security testing (SAST, DAST, IAST)Proficiency in Infrastructure as Code (IaC) tools, specifically TerraformDevelopment experience with Go and PythonCompany OverviewVirta delivers a clinically-proven treatment to reverse type 2 diabetes and other chronic metabolic diseases. It was founded in 2014, and is headquartered in Denver, Colorado, USA, with a workforce of 1001-5000 employees. Its website is http://virtahealth.com.Company H1B SponsorshipVirta Health has a track record of offering H1B sponsorships, with 1 in 2026, 3 in 2025, 2 in 2024, 2 in 2023, 4 in 2022, 2 in 2021, 3 in 2020. Please note that this does not guarantee sponsorship for this specific role.