Engineering Manager, Cloud Security

• Lead, coach, and develop a team of cloud security engineers, including setting clear goals, providing ongoing feedback, and running performance reviews. • Own the security posture of our AWS and Kubernetes platforms, including multi-account AWS Organizations (SCPs, IAM, VPCs) and multi-cluster Kubernetes environments. • Drive the design and implementation of Zero Trust architectures, including identity-based perimeters, mTLS, network segmentation, and least-privilege access controls. • Partner with Platform, SRE, and Product Engineering teams to embed security into infrastructure roadmaps, CI/CD pipelines, and service architectures. • Establish and scale infrastructure as code and policy as code practices (e.g., Terraform/CDK, OPA/Kyverno) to build automated guardrails and reduce manual configuration. • Act as Incident Commander for high-severity security incidents and vulnerabilities (e.g., Log4j-style events), coordinating technical response, stakeholder communication, and post-incident reviews. • Own the security engineering roadmap for cloud and container security, balancing short-term risk reduction with long-term strategic investments. • Collaborate with Compliance, Risk, and Legal to maintain and improve our security posture relative to frameworks like SOC2 and ISO, and to support customer and regulator inquiries. • Partner with leadership on headcount planning, hiring, and organizational design to ensure the Cloud Security team scales with the business. • Champion a culture of security across Paxos through education, documentation, and close collaboration, helping teams ship secure systems quickly and confidently.