Unacast is a leading provider of global location intelligence that delivers cutting-edge analytics about human mobility in the physical world. We are a team of experts with decades of unmatched industry experience and we partner with organizations across the private and public sectors to unlock the potential of location data. Unacast drives smarter decision-making based on trustworthy, reliable, and privacy-friendly location intelligence that powers both commercial and societal benefits.
Position Overview:
Unacast is seeking a Senior Cloud Security Engineer focused on AWS cloud security to own and strengthen the security of our cloud environment. Reporting to the VP of Engineering, this is a hands-on role responsible for designing, implementing, and operating security controls across AWS infrastructure and services. The role extends beyond AWS, covering broader security responsibilities across the company’s systems and access environment. This role is ideal for a Cloud Security Engineer who thrives in cloud environments and enjoys building and operating security systems and is comfortable getting into the details.
As AI tools become embedded in engineering workflows, this role will support Unacast's responsible adoption of AI by helping define approved tools, appropriate use of company and customer data, and guardrails to protect against data leakage, prompt injection, and other AI- specific risks.
What You Will Do:
- Design, implement, and maintain security controls and policies across AWS environments to protect systems and data.
- Lead the integration of security practices into the DevOps lifecycle, promoting secure development, deployment, and operational processes.
- Utilize AWS security tooling and security services to support detection, prevention, and continuous improvement of cloud security posture.
- Identify, assess, and drive remediation of security risks and vulnerabilities in cloud infrastructure in partnership with engineering teams.
- Monitor cloud environments for threats, investigate suspicious activity, and respond to security alerts and events.
- Support incident response, penetration test findings, and security audit remediation, including containment, investigation, and post-incident follow-up.
- Deploy security technologies, including firewalls, intrusion detection systems, and access controls, while establishing device-level malware and antivirus standards to safeguard endpoints and cloud environments.
- Stay current on emerging threats, vulnerabilities, and compliance requirements, and apply best practices to strengthen overall security posture.
- Maintain security policies, documentation, and internal security standards.
- Support customer security reviews and respond to security questionnaires as needed.
- Act as Google Workspace administrator, managing access and account security.
- Support compliance initiatives such as ISO 27001 and SOC 2 as needed.
- Establish and maintain the company's AI usage policy, including approved tools, acceptable use guidelines, and data handling requirements for AI assistants, coding agents, and LLM-based services.
- Evaluate and vet AI tools (including coding assistants, agentic systems, and SaaS integrations with embedded AI) for security, privacy, and compliance risks before company-wide adoption.
- Define guardrails for AI use with sensitive data, customer data, and regulated information, ensuring alignment with SOC 2, ISO 27001, and customer contractual obligations.
- Educate engineering and non-technical teams on safe AI practices, including prompt hygiene, awareness of prompt injection and data exfiltration risks, and secure use of agentic tools perform actions within company systems.
- Monitor the evolving AI threat landscape (model supply chain risks, prompt injection, data poisoning, shadow AI usage) and update controls and policies accordingly.
- Review AI tool integrations in the DevOps lifecycle, including code generation, automated PR review, and agentic deployment tools, to ensure they meet security standards.
Experience:
- 5+ years of experience in information security, with at least 3 years concentrated on cloud security within AWS environments. Certifications (e.g., CISSP, AWS Certified Security Specialty, etc.) are preferred.
- Deep understanding of AWS architecture, security services, and best practices for securing cloud applications and data.
- Experience integrating security into engineering, DevOps, and cloud environments.
- Solid knowledge of network security, encryption technologies, and secure coding practices.
- Experience with security frameworks, standards, and best practices, including hands-on experience with incident response, risk assessment, penetration testing, and security audits.
- Awareness of emerging security threats, trends, and new technologies impacting the field.
- Excellent analytical skills for identifying and mitigating complex security vulnerabilities and risks.
- Excellent communication skills with the ability to translate complex security topics for both technical and non-technical stakeholders.
- Organized and able to manage multiple priorities in a dynamic, fast-paced environment.
- A roll-up-your-sleeves mentality, eager to own, build, and execute security initiatives at all levels
- Experience developing or contributing to acceptable use policies and security guardrails for AI tools (coding assistants, LLM APIs, agentic systems) in a corporate or engineering environment.
- Familiarity with AI-specific risks including prompt injection, data leakage through model providers, model supply chain concerns, and the security implications of agentic tools with action-taking capabilities.
- Ability to evaluate AI vendors and their data handling practices (training opt-outs, data retention, regional processing) against compliance requirements.
What we expect of you
- Demonstrate a proactive and entrepreneurial mindset.
- Contribute to a positive and enjoyable work environment.
- We operate like a startup, so things change fast, you need to be agile and proactive.
- Personal characteristics we value include: high integrity, entrepreneurial spirit, innovative thinking, team player, passion for technology, adaptability, high energy and attention to detail.
Other Info
This is a remote position that may require occasional travel. Candidates must reside in the continental United States with a preference for individuals who live in the EST time zone and/or those residing in the following states: CO, FL, GA, IL, IA, IN, MD, NC, NJ, NM, NY, PA, RI, SC, TX, VA, WV
We offer competitive salaries and benefits and unlimited PTO. The typical base salary range for this role is $130,000 to $170,000. Ranges are based on various factors including the labor market, job type, job level, internal equity and budget. Exact salary offers will be determined by factors such as the candidate's skills, qualifications, experience and geographic location.
Unacast is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, creed, disability, ethnicity, gender identity or expression, marital status, national origin, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by law.
Unacast is committed to making the job application process accessible to everyone. If you are living with a disability (visible or not visible), we will provide a reasonable accommodation for any part of the application or hiring process. To request an accommodation in connection with the application or recruiting process, please contact Human Resources at 703-840-8850. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Unacast participates in the E-Verify program.