Cloud Security Engineer
About Us:
Function was founded with a singular focus: empower you to live 100 healthy years. We’re doing that by using the best available technology to make sure people don't suffer or die a preventable death. Function has been recognized as one of Fast Company’s Most Innovative Companies of 2024, and is venture-backed by Andreessen Horowitz (a16z). Hundreds of thousands of members have joined Function to take control of their health. We are growing our team and seeking out world-class talent that deeply believes in our mission to positively impact global health, has a relentless bias toward action and a growth mindset. Function fosters a collaborative and dynamic environment, where every day we are building the future.
Role:
Function Health is building a modern cloud security program to protect our members and platform as we scale. As a Cloud Security Engineer, you’ll focus on securing our Google Cloud Platform (GCP) environments, designing and enforcing guardrails that make our infrastructure secure by default. This role is hands-on and impact-driven: you’ll own detection, hardening, and automation that directly reduce risk across production systems. We’re looking for someone who thrives on solving hard technical problems in cloud environments, knows how to balance speed and control, and can turn complex GCP security challenges into practical, automated solutions.
Key Responsibilities
- Multi-Cloud Engineering: Serve as the primary security partner for teams building across AWS, GCP, and Azure, ensuring pragmatic, high-impact risk reduction and consistency across all environments.
- Infrastructure Guardrails: Orchestrate and implement organization-level constraints to enforce guardrails and prevent misconfigurations using a "secure-by-default" philosophy.
- Edge Defense & Connectivity: Own the Cloudflare stack, including the deployment and tuning of WAF rules for public endpoints, global DNS management, and edge-level threat mitigation.
- Code-to-Cloud Remediation: Partner with engineering to address risks at their origin by mapping cloud vulnerabilities back to source code and integrating automated security checks into CI/CD pipelines.
- Workload Hardening: Drive deep visibility into cloud workloads, enforcing secure defaults for OS-level hardening, network segmentation, logging, and runtime monitoring.
- Identity & Access Governance: Lead the adoption of identity best practices across all cloud providers, focusing on least privilege and the elimination of long-lived credentials.
- Automated Response & Remediation: Design and build automated workflows to remediate high-priority cloud risks and misconfigurations, turning manual security tasks into scalable code.
- SecOps Partnership: Support the Detection and Response function by integrating cloud-native telemetry and CSPM findings into centralized workflows, providing expertise on cloud forensics and containment.
- Vulnerability Management: Lead the identification and lifecycle management of cloud-based vulnerabilities, including secrets exposure and service misconfigurations, while partnering with teams on practical fixes.
- Metrics & Strategy: Define and track cloud security KPIs (e.g., remediation velocity, public endpoint coverage, IAM hygiene) to help shape the long-term infrastructure security roadmap.
Must-Have Qualifications
- Multi-Cloud Expertise: 5-8 years in cloud security with proven experience managing security controls in AWS, GCP, and Azure.
- Hands-on experience with the Wiz platform. Preference for candidates who have moved beyond the dashboard and into WizOS, Runtime, and Response & Remediation.
- Deep knowledge of GCP services (IAM, VPC, GKE, Cloud Run, GCS, KMS, SCC) and their security implications.
- Experience implementing guardrails with Terraform.
- Strong grasp of IAM design, service account lifecycle, and secrets management in the cloud.
- Familiarity with cloud logging/monitoring (Cloud Logging, VPC Flow Logs, Wiz findings) and integration into SIEM/SOAR.
- Proficiency in Python and Terraform is required. You should be comfortable writing scripts that interact with Cloud APIs to automate infrastructure changes.
- Ability to work as a peer to Engineering,...
Function Health is a healthcare technology company focused on empowering individuals to live 100 healthy years by providing deep awareness of their health through routine whole-body lab testing, advanced imaging, and access to top doctors. The company aims to remove complexity in healthcare, place exponential health technology in users' hands, and prioritize privacy. It is mission-driven to democratize proactive health management and enable people to avoid disease and feel their best.