Senior Cloud Security Engineer (Remote)

Progressive Leasing
Full_time

📍 Job Overview

  • Job Title: Senior Cloud Security Engineer (Remote)
  • Company: Progressive Leasing
  • Location: Remote - GA, United States
  • Job Type: Full-Time
  • Category: DevOps & Cloud Security
  • Date Posted: 2025-05-08
  • Experience Level: 5-10 years
  • Remote Status: Remote (Solely)

🚀 Role Summary

  • Strategic Cloud Security Leadership: Develop, implement, and manage cloud security strategies across AWS and Azure environments.
  • Cross-Functional Collaboration: Work with DevOps, Engineering, and Compliance teams to build secure-by-design solutions and improve cloud security continuously.
  • Hands-On Execution: Lead the implementation of cloud security controls, ensuring compliance with best practices and industry standards.
  • Risk Mitigation: Identify, resolve, and mitigate cloud security risks through proactive measures and incident response efforts.
  • Cloud Security Advocacy: Promote cloud security best practices across the organization and advocate for enhanced security measures.

📝 Enhancement Note: This role requires a balance of strategic planning and hands-on execution, making it an excellent fit for experienced cloud security professionals seeking to make a significant impact on an organization's cloud security posture.

💻 Primary Responsibilities

  • Cloud Security Strategy: Develop, enforce, and maintain cloud security policies, standards, and governance processes.
  • Security Control Implementation: Lead the implementation of cloud security controls, ensuring compliance with best practices and industry standards.
  • Risk Assessment & Mitigation: Identify, assess, and mitigate cloud security risks, ensuring adherence to compliance standards such as NIST, SOC 2, and PCI DSS.
  • Threat Detection & Response: Collaborate with Security Operations on cloud incident response efforts and threat detection tuning.
  • Threat Modeling & Security Reviews: Perform threat modeling and security reviews for new and existing cloud services to identify potential vulnerabilities.
  • Cloud Security Automation: Collaborate with DevOps teams to integrate security controls into CI/CD pipelines, fostering a DevSecOps culture.
  • Cloud Security Metrics & Reporting: Design and maintain cloud security metrics, dashboards, and reporting for senior leadership.
  • Cross-Functional Collaboration: Work with IT and other teams to enhance cloud security and advocate for security best practices across the organization.

📝 Enhancement Note: The primary responsibilities of this role require a strong understanding of cloud security best practices, hands-on experience with cloud security tools, and the ability to work effectively with various teams to drive security initiatives.

🎓 Skills & Qualifications

Education: A Bachelor's degree in Computer Science, Information Security, or a related field is preferred. Relevant certifications (e.g., CISSP, CCSK, or AWS Certified Security - Specialty) are a plus.

Experience: 5+ years of experience in cloud security, infrastructure security, or a related field, with a strong focus on AWS and Azure environments.

Required Skills:

  • Deep expertise with AWS, with a strong understanding of Azure cloud environments.
  • Strong knowledge of automation tools and infrastructure-as-code (Terraform, CloudFormation, etc.).
  • Hands-on experience with CNAPP and other related third-party cloud security capabilities.
  • Familiarity with cloud-native security services (e.g., AWS GuardDuty, Azure Defender).
  • Strong knowledge of IAM, network security, encryption, data protection, and logging and monitoring best practices in AWS and Azure.
  • Experience with container security (Kubernetes, Docker, EKS).
  • Exposure to governance and policy development aligned with standards like NIST, SOC 2, PCI DSS, or CIS Benchmarks.
  • Strong problem-solving skills and ability to lead cloud security initiatives independently.
  • Excellent communication skills to present cloud security insights to technical and non-technical stakeholders.

Preferred Skills:

  • Experience with multi-cloud environments and hybrid cloud security.
  • Familiarity with cloud security posture management (CSPM) tools.
  • Knowledge of cloud security architecture and design principles.
  • Experience with cloud security information and event management (SIEM) systems.
  • Familiarity with DevSecOps practices and CI/CD pipelines.

📝 Enhancement Note: While the required skills focus on technical proficiency, the preferred skills highlight areas where candidates can bring additional value to the organization, such as experience with multi-cloud environments and knowledge of cloud security architecture and design principles.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • Cloud Security Projects: Highlight cloud security projects that demonstrate your ability to develop, implement, and manage cloud security strategies.
  • Risk Assessment & Mitigation: Showcase examples of identifying, assessing, and mitigating cloud security risks in previous roles.
  • Incident Response & Threat Detection: Include case studies or examples of cloud incident response efforts and threat detection improvements you've led.
  • Security Control Implementation: Demonstrate your experience implementing cloud security controls and ensuring compliance with best practices and industry standards.

Technical Documentation:

  • Cloud Security Policies & Procedures: Provide examples of cloud security policies, standards, and governance processes you've developed or maintained.
  • Security Control Documentation: Showcase documentation detailing the implementation and maintenance of cloud security controls.
  • Risk Assessment & Mitigation Documentation: Include documentation outlining your approach to identifying, assessing, and mitigating cloud security risks.
  • Incident Response & Threat Detection Documentation: Provide documentation or case studies detailing your involvement in cloud incident response efforts and threat detection improvements.

📝 Enhancement Note: As this role focuses on cloud security strategy and implementation, your portfolio should emphasize your ability to develop, enforce, and maintain cloud security policies, standards, and governance processes. Include examples of risk assessment, incident response, and threat detection to showcase your hands-on experience.

💵 Compensation & Benefits

Salary Range: $120,000 - $160,000 per year (based on market research for senior cloud security roles in the United States, considering the candidate's experience level and regional cost of living)

Benefits:

  • Fully Remote
  • Competitive Compensation
  • Full Health Benefits (Medical, Dental, Vision, Life Insurance) + Paid Parental Leave
  • Company Matched 401k
  • Paid Time Off + Paid Holidays + Paid Volunteer Hours
  • Employee Resource Groups (Black Inclusion Group, Women in Leadership, PRIDE, Adelante)
  • Employee Stock Purchase Program
  • Tuition Reimbursement
  • Charitable Gift Matching

Working Hours: Full-time, with flexible hours to accommodate remote work and collaboration with cross-functional teams.

📝 Enhancement Note: The salary range provided is based on market research for senior cloud security roles in the United States, considering the candidate's experience level and regional cost of living. The benefits listed are based on the information provided in the job listing.

🎯 Team & Company Context

🏢 Company Culture

Industry: Progressive Leasing is a leading provider of in-store and e-commerce lease-to-own solutions, operating as a subsidiary of PROG Holdings (NYSE: PRG), an exciting FinTech holding company with three business segments, including Progressive, Vive Financial, and Four, a Buy Now Pay Later (BNPL) platform.

Company Size: Progressive Leasing is a medium-sized company with a collaborative and innovative culture, offering opportunities for growth and impact.

Founded: Progressive Leasing was founded in 2001 and has since grown from a start-up to an industry leader, fostering a culture of innovation, grit, and doing the right thing.

Team Structure:

  • The cloud security team works closely with DevOps, Engineering, and Compliance teams to build secure-by-design solutions and improve cloud security continuously.
  • The team structure encourages collaboration and knowledge sharing, promoting a culture of learning and growth.

Development Methodology:

  • Progressive Leasing employs Agile methodologies, fostering a collaborative and iterative approach to software development and cloud security.
  • The company emphasizes continuous integration, continuous deployment, and continuous learning, encouraging team members to stay up-to-date with emerging technologies and best practices.

Company Website: progleasing.com

📝 Enhancement Note: The company culture at Progressive Leasing emphasizes innovation, collaboration, and doing the right thing. The team structure encourages knowledge sharing and growth, while the development methodology promotes a culture of continuous learning and improvement.

📈 Career & Growth Analysis

Cloud Security Career Level: This role is suited for an experienced cloud security professional with 5-10 years of experience, seeking to make a significant impact on an organization's cloud security posture. The role offers opportunities for strategic planning, hands-on execution, and cross-functional collaboration.

Reporting Structure: The Senior Cloud Security Engineer reports directly to the Director of Information Security and works closely with various teams, including DevOps, Engineering, and Compliance.

Technical Impact: This role has a significant impact on the organization's cloud security posture, driving the development, implementation, and management of cloud security strategies. The Senior Cloud Security Engineer plays a crucial role in ensuring the security and compliance of cloud-based workloads and services.

Growth Opportunities:

  • Technical Leadership: As the company grows and expands its cloud footprint, there will be opportunities for the Senior Cloud Security Engineer to take on more significant responsibilities and grow into a technical leadership role.
  • Career Progression: With experience and demonstrated success in the role, the Senior Cloud Security Engineer may have the opportunity to advance to a Principal or Director-level position within the Information Security team.
  • Emerging Technologies: Progressive Leasing encourages its team members to stay up-to-date with emerging technologies and best practices, offering opportunities for professional development and growth in this rapidly evolving field.

📝 Enhancement Note: This role offers significant growth opportunities for experienced cloud security professionals seeking to make a strategic impact on an organization's cloud security posture. With experience and success in the role, candidates can progress to technical leadership positions or advance within the Information Security team.

🌐 Work Environment

Office Type: Progressive Leasing offers a fully remote work environment, with the option to work from the corporate headquarters in Utah if desired.

Office Location(s): The company's headquarters are located in Utah, with remote team members based across the continental United States.

Workspace Context:

  • Remote Work: Progressive Leasing provides the necessary tools and resources for remote team members to work effectively from home or a co-working space.
  • Collaboration Tools: The company uses collaboration tools such as Slack, Microsoft Teams, and Zoom to facilitate communication and teamwork among remote team members.
  • Professional Development: Progressive Leasing encourages remote team members to participate in professional development opportunities, such as webinars, workshops, and industry conferences.

Work Schedule: Progressive Leasing offers a flexible work schedule, with core hours between 9:00 AM and 5:00 PM EST. Remote team members are expected to be available during these core hours for meetings and collaboration.

📝 Enhancement Note: Progressive Leasing's fully remote work environment offers flexibility and the opportunity to work from home or a co-working space. The company provides the necessary tools and resources for remote team members to collaborate effectively and participate in professional development opportunities.

📄 Application & Technical Interview Process

Interview Process:

  1. Phone Screen: A brief phone or video call to assess the candidate's communication skills, cultural fit, and relevant experience.
  2. Technical Deep Dive: A comprehensive technical interview focused on cloud security best practices, risk assessment, and incident response. Candidates should be prepared to discuss their experience with AWS, Azure, and relevant cloud security tools.
  3. Behavioral & Situational Questions: An in-depth interview to assess the candidate's problem-solving skills, leadership potential, and cultural fit within the organization.
  4. Final Review: A final review with the hiring manager or a panel of stakeholders to make a hiring decision.

Portfolio Review Tips:

  • Cloud Security Projects: Highlight cloud security projects that demonstrate your ability to develop, implement, and manage cloud security strategies.
  • Risk Assessment & Mitigation: Showcase examples of identifying, assessing, and mitigating cloud security risks in previous roles.
  • Incident Response & Threat Detection: Include case studies or examples of cloud incident response efforts and threat detection improvements you've led.
  • Security Control Implementation: Demonstrate your experience implementing cloud security controls and ensuring compliance with best practices and industry standards.

Technical Challenge Preparation:

  • Cloud Security Fundamentals: Brush up on your knowledge of cloud security best practices, risk assessment, and incident response strategies.
  • AWS & Azure Expertise: Familiarize yourself with the latest features, services, and security best practices for AWS and Azure environments.
  • Hands-On Experience: Prepare for hands-on exercises or case studies that demonstrate your ability to apply cloud security principles and best practices to real-world scenarios.

ATS Keywords: [Provided in the ATS Keywords section below]

📝 Enhancement Note: The interview process for this role focuses on assessing the candidate's technical expertise in cloud security, problem-solving skills, and cultural fit within the organization. Candidates should be prepared to discuss their experience with AWS, Azure, and relevant cloud security tools, as well as their approach to risk assessment, incident response, and security control implementation.

🛠 Technology Stack & Web Infrastructure

Cloud Platforms:

  • AWS: Progressive Leasing's primary cloud platform, with a strong focus on AWS services and best practices.
  • Azure: Progressive Leasing also leverages Azure for specific workloads and services, with a growing focus on multi-cloud environments.

Cloud Security Tools:

  • CNAPP: Progressive Leasing uses CNAPP and other third-party cloud security capabilities to enhance visibility and protection across cloud environments.
  • Cloud-Native Security Services: The company leverages cloud-native security services, such as AWS GuardDuty and Azure Defender, to bolster its cloud security posture.
  • IAM & Access Management: Progressive Leasing emphasizes strong IAM and access management practices to ensure the principle of least privilege and minimize the risk of unauthorized access.

Infrastructure-as-Code (IaC) Tools:

  • Terraform: Progressive Leasing uses Terraform to provision and manage infrastructure across cloud environments, fostering a DevOps and IaC culture.
  • CloudFormation: The company also leverages AWS CloudFormation for infrastructure provisioning and management within the AWS ecosystem.

Monitoring & Logging Tools:

  • Cloud-based SIEM Systems: Progressive Leasing uses cloud-based SIEM systems to aggregate, analyze, and alert on security-related events and incidents across cloud environments.
  • Cloud-native Monitoring Services: The company leverages cloud-native monitoring services, such as AWS CloudWatch and Azure Monitor, to monitor the performance and health of cloud-based workloads and services.

Containerization & Orchestration:

  • Kubernetes: Progressive Leasing uses Kubernetes for container orchestration and management, with a focus on security and compliance.
  • Docker: The company leverages Docker for containerization and image management, ensuring consistent and secure deployment across cloud environments.
  • EKS: Progressive Leasing uses Amazon Elastic Kubernetes Service (EKS) to run Kubernetes clusters on AWS, providing a fully managed Kubernetes service.

📝 Enhancement Note: Progressive Leasing's technology stack focuses on AWS and Azure cloud platforms, with an emphasis on cloud security tools, infrastructure-as-code, and containerization. The company leverages a combination of third-party and cloud-native services to bolster its cloud security posture and ensure the performance and health of cloud-based workloads and services.

👥 Team Culture & Values

Cloud Security Values:

  • Proactive Security: Progressive Leasing emphasizes a proactive approach to cloud security, focusing on risk assessment, incident prevention, and continuous improvement.
  • Collaboration & Knowledge Sharing: The company fosters a culture of collaboration and knowledge sharing, encouraging team members to learn from one another and grow together.
  • Continuous Learning: Progressive Leasing encourages its team members to stay up-to-date with emerging technologies and best practices, promoting a culture of continuous learning and improvement.
  • Customer Focus: The company prioritizes customer security and privacy, ensuring that cloud security measures protect customer data and maintain customer trust.

Collaboration Style:

  • Cross-Functional Collaboration: Progressive Leasing encourages collaboration between cloud security, DevOps, Engineering, and Compliance teams to build secure-by-design solutions and improve cloud security continuously.
  • Peer Review & Code Review: The company employs peer review and code review processes to ensure the quality, security, and compliance of cloud-based workloads and services.
  • Incident Response & Post-Mortem: Progressive Leasing emphasizes incident response and post-mortem processes to identify and address security incidents, learn from them, and improve cloud security over time.

📝 Enhancement Note: Progressive Leasing's cloud security values emphasize proactivity, collaboration, and continuous learning, fostering a culture of continuous improvement and customer focus. The company's collaboration style encourages cross-functional collaboration, peer review, and incident response processes to ensure the security and compliance of cloud-based workloads and services.

⚡ Challenges & Growth Opportunities

Technical Challenges:

  • Multi-Cloud Environment: Progressive Leasing's growing focus on multi-cloud environments presents technical challenges in managing security across diverse cloud platforms and services.
  • Emerging Technologies: The rapidly evolving nature of cloud security requires team members to stay up-to-date with emerging technologies and best practices, presenting both challenges and growth opportunities.
  • Compliance & Regulatory Requirements: The company must ensure compliance with various industry standards, regulations, and data protection requirements, presenting technical challenges in managing security and privacy across cloud environments.
  • Incident Response & Threat Detection: Progressive Leasing must maintain robust incident response and threat detection capabilities to protect against evolving threats and ensure the security and availability of cloud-based workloads and services.

Learning & Development Opportunities:

  • Multi-Cloud Expertise: Progressive Leasing encourages team members to develop expertise in multi-cloud environments, offering opportunities for professional development and growth in this rapidly evolving field.
  • Emerging Technologies: The company encourages team members to stay up-to-date with emerging technologies and best practices, providing opportunities for professional development and growth in cloud security.
  • Leadership Development: Progressive Leasing offers opportunities for team members to develop their leadership skills, with a focus on technical leadership and mentoring within the cloud security team.
  • Architecture & Design: The company encourages team members to develop their architecture and design skills, with a focus on cloud security architecture and design principles.

📝 Enhancement Note: Progressive Leasing's technical challenges and growth opportunities focus on multi-cloud environments, emerging technologies, compliance and regulatory requirements, and incident response and threat detection. The company offers learning and development opportunities in multi-cloud expertise, emerging technologies, leadership development, and architecture and design, fostering a culture of continuous learning and improvement.

💡 Interview Preparation

Technical Questions:

  • Cloud Security Fundamentals: Prepare for questions about cloud security best practices, risk assessment, and incident response strategies, with a focus on AWS and Azure environments.
  • AWS & Azure Expertise: Brush up on your knowledge of AWS and Azure services, features, and security best practices, with an emphasis on the company's primary cloud platform (AWS).
  • Hands-On Experience: Prepare for hands-on exercises or case studies that demonstrate your ability to apply cloud security principles and best practices to real-world scenarios.

Company & Culture Questions:

  • Cloud Security Culture: Research Progressive Leasing's approach to cloud security, focusing on the company's values, collaboration style, and commitment to continuous learning and improvement.
  • Cloud Security Strategy: Prepare for questions about cloud security strategy, risk assessment, and incident response, with an emphasis on the company's approach to cloud security and compliance.
  • Cloud Security Architecture & Design: Brush up on your knowledge of cloud security architecture and design principles, with an emphasis on the company's focus on secure-by-design solutions and continuous improvement.

Portfolio Presentation Strategy:

  • Cloud Security Projects: Highlight cloud security projects that demonstrate your ability to develop, implement, and manage cloud security strategies.
  • Risk Assessment & Mitigation: Showcase examples of identifying, assessing, and mitigating cloud security risks in previous roles.
  • Incident Response & Threat Detection: Include case studies or examples of cloud incident response efforts and threat detection improvements you've led.
  • Security Control Implementation: Demonstrate your experience implementing cloud security controls and ensuring compliance with best practices and industry standards.

📝 Enhancement Note: The interview process for this role focuses on assessing the candidate's technical expertise in cloud security, problem-solving skills, and cultural fit within the company. Candidates should be prepared to discuss their experience with AWS, Azure, and relevant cloud security tools, as well as their approach to risk assessment, incident response, and security control implementation.

📌 Application Steps

To apply for this Senior Cloud Security Engineer (Remote) position at Progressive Leasing, follow these steps:

  1. Customize Your Portfolio: Tailor your portfolio to highlight cloud security projects that demonstrate your ability to develop, implement, and manage cloud security strategies. Include examples of risk assessment, incident response, and security control implementation to showcase your hands-on experience.
  2. Optimize Your Resume: Highlight your relevant experience in cloud security, infrastructure security, or a related field, with a focus on AWS and Azure environments. Include specific examples of your experience with cloud security tools, risk assessment, and incident response.
  3. Prepare for Technical Interviews: Brush up on your knowledge of cloud security best practices, risk assessment, and incident response strategies. Familiarize yourself with AWS and Azure services, features, and security best practices, and prepare for hands-on exercises or case studies that demonstrate your ability to apply cloud security principles and best practices to real-world scenarios.
  4. Research the Company: Learn about Progressive Leasing's approach to cloud security, focusing on the company's values, collaboration style, and commitment to continuous learning and improvement. Prepare for questions about the company's cloud security strategy, risk assessment, and incident response, with an emphasis on the company's approach to cloud security and compliance.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and web development/server administration industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

ATS Keywords:

Programming Languages:

  • AWS CloudFormation
  • Terraform
  • Python
  • Bash
  • PowerShell

Web Frameworks & Libraries:

  • AWS SDKs (Boto3, AWS SDK for JavaScript)
  • Azure SDKs (Azure SDK for JavaScript, Azure CLI)
  • Cloud Security Alliance (CSA) Security Configuration
  • Center for Internet Security (CIS) Benchmarks

Server Technologies:

  • Amazon Elastic Kubernetes Service (EKS)
  • Amazon Elastic Container Service (ECS)
  • AWS Lambda
  • AWS Elastic Beanstalk
  • Azure Kubernetes Service (AKS)
  • Azure Container Instances (ACI)
  • Azure Functions

Databases:

  • Amazon Relational Database Service (RDS)
  • Amazon DynamoDB
  • Amazon Redshift
  • Azure SQL Database
  • Azure Cosmos DB
  • Azure Database for PostgreSQL

Tools:

  • Infrastructure as Code (IaC) tools (Terraform, CloudFormation)
  • Container orchestration tools (Kubernetes, Docker)
  • Cloud security posture management (CSPM) tools (CNAPP, Prisma Cloud)
  • Cloud-native security services (AWS GuardDuty, Azure Defender)
  • Cloud-based SIEM systems (Splunk, Logz.io, Datadog)
  • Cloud monitoring and logging tools (AWS CloudWatch, Azure Monitor)

Methodologies:

  • Agile methodologies (Scrum, Kanban)
  • DevOps practices (CI/CD, IaC, GitOps)
  • Infrastructure as Code (IaC) principles
  • Cloud security best practices (NIST, SOC 2, PCI DSS, CIS Benchmarks)

Soft Skills:

  • Strong communication and presentation skills
  • Problem-solving and analytical skills
  • Leadership and mentoring skills
  • Collaboration and teamwork skills
  • Adaptability and continuous learning mindset

Industry Terms:

  • Cloud Security Alliance (CSA)
  • Center for Internet Security (CIS)
  • National Institute of Standards and Technology (NIST)
  • Service Organization Control (SOC) 2
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Infrastructure as Code (IaC)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)
  • Continuous Integration/Continuous Deployment (CI/CD)

Application Requirements

Candidates should have 5+ years of experience in cloud security or related fields, with deep expertise in AWS and strong knowledge of security best practices. Familiarity with automation tools, cloud-native security services, and compliance standards is also essential.