Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead Cloud Security/AppSec Engineer

$148k - $203.5k

Flagship Ventures

About the Role The Information Security team has strong detection and response capability and a maturing compliance program. This is a greenfield opportunity to build Flagship’s cloud security and application security engineering practice in earnest — with the CISO and Director of Security Engineering as your strategic partners and a well-resourced program behind you. You’ll define how cloud posture management, SSDLC security, and cloud-side DLP get done at Flagship — in deep partnership with the Infrastructure & Operations team, who are your primary counterparts for cloud architecture, network, and endpoint infrastructure. What makes this role distinctive is the expectation that you’ll build AI-augmented workflows from the start — using LLMs and agentic tooling to handle the routine 80% so your expertise stays focused on the 20% that actually requires human judgment. If you want to own a practice area rather than execute someone else’s playbook, this is that role. You’ll own the technical execution of cloud security and AppSec across Flagship and its portfolio, working directly with engineering teams to embed security into their pipelines, not just review them after the fact. Responsibilities Cloud security posture management: own remediation execution against Wiz findings in partnership with Infrastructure & Operations, build shared remediation playbooks, coordinate finding resolution across AWS environments, and ensure security controls are implemented consistently with I/O’s infrastructure standards. CI/CD and SSDLC security: design and implement security guardrails in engineering pipelines—SAST, secrets scanning, IaC security, container scanning—working directly with portfolio engineering teams, and build AI-powered pipeline security automation that reduces developer friction and scales security coverage beyond what manual review allows. Cloud-side DLP enforcement: build and operationalize data loss prevention controls at the cloud and application layer, not just policy definition. Cloud identity and access: own technical execution on Entra/Azure AD conditional access, BYOD policy enforcement, and cloud identity governance in partnership with Infrastructure & Operations, who manage the underlying directory and endpoint infrastructure. Detection engineering (cloud layer): write and tune cloud-side detection rules and contribute to alert fidelity improvements in partnership with the SOC. AI platform security: contribute to security architecture reviews and guardrail design for AI-powered portfolio products, including Bedrock and EKS-based platforms. Serve as the embedded security engineering partner for portfolio company engineering teams — not a reviewer at the end of the process, but a collaborator throughout it. Design and maintain AI-augmented workflows across all functional areas you own—using LLMs, agentic tooling, and automation to multiply your own capacity. You will be expected to treat AI as a core part of your engineering toolkit, not an experiment: building prompt-driven triage pipelines, automating remediation drafting, and continuously identifying where human judgment is the bottleneck versus where it’s being wasted on pattern-matchable work. Qualifications 5+ years in cloud security, application security, or a closely related security engineering discipline. Deep hands‑on experience with AWS security services (Security Hub, GuardDuty, IAM, SCPs, CloudTrail) and cloud posture tooling—Wiz experience strongly preferred. Practical AppSec experience: you have integrated SAST/DAST/SCA tooling into CI/CD pipelines and worked directly with developers to resolve findings, not just filed tickets. Experience with cloud identity platforms—Entra ID / Azure AD, including conditional access policy design and enforcement. Ability to write infrastructure‑as‑code and scripting to automate security controls (Python, Terraform, or equivalent), including comfort working with LLM APIs, prompt engineering, and agentic orchestration frameworks. Demonstrated experience building AI‑augmented security workflows— you have used LLMs, agentic frameworks, or AI‑assisted tooling to automate security tasks at scale, not just experimented with ChatGPT. You should be able to articulate which security problems are well‑suited to AI automation and which aren’t. Strong communication skills to be credible with engineering leadership and portfolio company CTOs—you’ll be in technical design reviews, not just security reviews. Proven ability to build trusted working relationships with Infrastructure & Operations teams—you approach I/O as a partner, not a gatekeeper, and can influence security outcomes through collaboration rather than mandate. Comfort operating as a self‑directed practitioner in a lean team; this role requires you to set your own execution priorities within a defined strategic direction. Nice to Have Experience securing ML/AI platforms—Bedrock, SageMaker, or comparable environments. AWS Security Specialty, GWEB, OSCP, or equivalent certification. Experience in a portfolio company or multi‑entity security model. Familiarity with HIPAA technical safeguard requirements and PHI data flows in cloud environments. Experience designing or operating agentic AI workflows for security operations. Container and Kubernetes security experience (EKS, image scanning, network policy). Why This Role This is a net‑new capability role on a small team — you won’t be executing someone else’s existing playbook, you’ll be building the cloud and AppSec program from a solid foundation. You’ll work directly with the CISO and collaborate closely with the Director of Security Engineering. Flagship’s portfolio spans some of the most technically ambitious biology and AI work happening anywhere, and the security work reflects that complexity. If you want a role where the scope is real, the autonomy is genuine, and you have the freedom to build an AI‑augmented security practice — this is it. Benefits Salary range: $148,000 – $203,500. Compensation will depend on a number of factors, including a candidate’s qualifications, skills, competencies, and experience. Flagship Pioneering currently offers healthcare coverage, an annual incentive program, retirement benefits, and a broad range of other benefits. We Are an Equal Opportunity Employer All qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. We recognize that great candidates often bring unique strengths without fulfilling every qualification. If you have some of the experience listed above but not all, please apply anyway. We are dedicated to building diverse and inclusive teams and look forward to learning more about your background and interest in Flagship. #J-18808-Ljbffr Flagship Ventures

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Lead Cloud Security/AppSec Engineer in Cambridge, MA vacancy
  • $148k - $203.5k

    About the Role The Information Security team has strong detection and response...  ...opportunity to build Flagship’s cloud security and application security engineering practice in earnest — with the...  ...execution of cloud security and AppSec across Flagship and its portfolio... 
    Cloud

    Flagship Pioneering

    Cambridge, MA
    1 day ago
  • Cambridge Health Alliance is seeking a Senior Security Engineer to protect its digital landscape. This...  ...Alto Next-Generation Firewalls while leading a dedicated security engineering team....  ...execute security strategies, manage cloud security, and oversee vulnerability management... 
    Cloud

    Cambridge Health Alliance

    Cambridge, MA
    3 days ago
  • Xometry is seeking a Staff Cyber Resilience Engineer to lead defense mechanisms against threats like ransomware and data loss. In this hands...  ...Infrastructure as Code in Terraform. With over 8 years in cloud environments, particularly AWS, strong Terraform skills, and... 
    Cloud

    Xometry

    Boston, MA
    3 days ago
  • $148k - $203.5k

    A leading biopharmaceutical firm in Cambridge is seeking an experienced cloud security engineer. You will build and own the cloud security and application security practices, partner with engineering teams, and contribute to AI-augmented workflows. Key qualifications include... 
    Cloud

    Flagship Pioneering

    Cambridge, MA
    1 day ago
  •  ...and maintain offensive toolchains and collaborate with IR and Threat Intel to improve detections and controls. The role requires 4+ years in cybersecurity with deep red teaming experience, expertise in MITRE ATT&CK, cloud attacks, and scripting. #J-18808-Ljbffr Moderna
    Cloud

    Moderna

    Cambridge, MA
    3 days ago
  • $116k - $190k

    NTT DATA, Inc. is seeking an experienced Application Security Architect in Boston, MA. The role involves collaborating with clients to define security policies and strategies, ensuring the confidentiality and integrity of their data. The ideal candidate will have at least... 
    Cloud

    NTT DATA

    Boston, MA
    5 days ago
  • $155k - $175k

     ...missions in the world! As a Lead Cyber Risk Advisor, you will be...  ...critical risks across complex IT and cloud environments....  ...vulnerability management, CNAPP, appsec, or cyber threat exposure management...  .... Interest in learning cloud security (AWS, Azure, GCP). Relevant certifications... 
    Cloud

    Qualys

    Boston, MA
    5 days ago
  • Flagship Pioneering in Cambridge, MA seeks a skilled Cloud Security Engineer to lead its cloud security and application security engineering practice. This role offers a unique opportunity to shape security initiatives with full ownership over cloud security posture, application... 
    Cloud

    Flagship Pioneering

    Cambridge, MA
    3 days ago
  •  ...Overview: We are looking for a skilled Network Security Engineer to design, implement, and maintain secure, scalable, and high-performing...  ...), CCSA/CCSE (CheckPoint), F5 Certified. Experience in cloud network security (AWS, Azure, or GCP). Knowledge of... 
    Cloud

    Purple Drive

    Boston, MA
    2 days ago
  •  ...Identity And Access Management Engineer – Officer (Iam Security Engineer) Location: Boston and Quincy, MA and...  ...direction from private, public, hybrid cloud, and partners directions. Work with business and architect groups, lead the future state of scalable IAM... 
    Cloud

    InterSources

    Boston, MA
    2 days ago
  •  ...We are seeking a Senior Security Engineer to join our team, focusing on defining security workflows and incident response (IR) strategies....  ...experience with Python or similar languages. Ideal but not required: Cloud security experience. Well‑rounded knowledge and passion for... 
    Cloud

    7AI

    Boston, MA
    1 day ago
  •  ...The Senior Security Engineer serves as a critical guardian of CHA’s digital landscape. This role combines high-level technical expertise in...  ...integrity, and availability of patient data across our hybrid-cloud healthcare environment. Team Leadership: mentor a specialized... 
    Cloud
    Work at office
    Remote work

    Cambridge Health Alliance

    Cambridge, MA
    2 days ago
  • $98k - $182k

    Epsilon, based in Boston, is looking for a Lead Databricks Administrator to oversee the administration...  ...position requires a robust understanding of cloud environments and a strong ability to manage governance and security measures within Databricks. Epsilon offers a competitive... 
    Cloud
    Flexible hours

    Epsilon

    Boston, MA
    3 days ago
  •  ...Vice President, Ecosystem Lead About the Company Market-leading provider of CRM solutions & business management software Industry...  ...Analytics CRM Enterprise Software SaaS Cloud Computing Customer Relationship Management Software(CRM) Enterprise... 
    Cloud

    Confidential

    Boston, MA
    3 days ago
  • $40k

     ...mission‑critical programs across national security, defense, and public service delivery....  ...at a national scale. The Junior Security Engineer supports 24x7 enterprise cybersecurity operations...  ...with security operations processes, cloud and infra fundamentals, and the ability... 
    Cloud
    Contract work
    Remote work

    MAXIMUS

    Boston, MA
    1 day ago
  •  ...Reporting to the Chief Information Security Officer, the Senior Security Engineer is responsible for designing, implementing...  ...posture. Responsibilities Lead the evaluation, implementation, and...  ...and improve security controls within cloud environments including AWS and... 
    Cloud

    CRICO

    Boston, MA
    3 days ago
  • $234k - $300k

    Overview As a Staff Application Security Engineer at Datadog, you\'ll set...  ...success. You\'ll help shape the AppSec roadmap and make the case for...  ...actionable security signals. Lead threat modeling and risk assessment...  ...end-to-end Partner with Cloud & Infrastructure Security and... 
    Cloud

    Datadog

    Boston, MA
    3 days ago
  • $113.4k - $252k

     ...Navan, you will serve as the technical lead for our incident response lifecycle...  ...the containment and remediation of security threats across our multi-cloud infrastructure, products, and...  ...cause analysis. Automation & SOAR Engineering: Use Tines to build and design workflows... 
    Cloud

    Navan

    Boston, MA
    3 days ago
  • $170k - $200k

     ...$175,000 base + 15% bonus Title Senior Security Engineer (US) Overview We are seeking a hands‑on,...  ...proactively strengthen our security posture across cloud‑native and hybrid environments. This highly technical, strategic role will lead security platform integration, governance... 
    Cloud
    Full time
    Contract work
    Work at office
    Remote work
    Flexible hours

    Henderson Scott

    Boston, MA
    3 days ago
  • Klaviyo is seeking a Principal Engineer, Security to define and oversee infrastructure security architecture. This individual contributor role requires deep experience in cloud security and compliance frameworks, focusing on building secure systems that scale. The ideal... 
    Cloud

    Klaviyo

    Boston, MA
    3 days ago
  • $144k - $210k

     ...Lila We are not building a traditional security team—we are designing security as a business...  ...security must move faster. We are cloud-first, automation-driven, and relentless...  ...thrive at the intersection of security, engineering, and innovation, this role is for you.... 
    Cloud
    Full time

    Lila Sciences

    Cambridge, MA
    3 days ago
  • Boston University is seeking a Principal Systems Architect to lead the innovative design and operations of cloud-based research computing infrastructure. This role involves serving as the senior technical authority for IaaS, PaaS, and SaaS platforms, and overseeing initiatives... 
    Cloud

    Boston University

    Boston, MA
    3 days ago
  •  ...launched AI research startup is looking for a Security Engineer to build its security function from the...  ...platform build, including Application, Cloud, and IAM security, across the company's...  ...environments Hands on experience leading SOC2 or ISO 27001 Founding or early... 
    Cloud

    Tangier Partners

    Boston, MA
    3 days ago
  • Capital One is seeking a Senior Lead Software Engineer for Back-End Distributed Systems in Cambridge, MA. This role involves leading a team on...  ...engineering. The ideal applicant will have strong skills in cloud computing and experience in mentoring. Capital One offers an... 
    Cloud

    Capital One

    Cambridge, MA
    3 days ago
  • $48 - $52 per hour

     ...Akkodis is seeking a Data Security Engineer for a Contract job with a client in Boston, MA . The ideal candidate must have hands-on experience...  ...in implementing enterprise data security controls across cloud data platforms. Rate Range: $48/hour to $52/hour ; The... 
    Cloud
    Hourly pay
    Contract work
    Temporary work
    Local area

    Akkodis

    Boston, MA
    2 days ago
  • $106.3k - $234.6k

     ...Job Description The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity...  ...challenges. As a Principal Hardware Security Engineer you will be involved in ensuring that...  .... Discover your potential at a company leading the way in AI and cloud solutions that... 
    Cloud
    Temporary work
    Flexible hours

    Oracle

    Boston, MA
    2 days ago
  • $86.4k

     ...Highmark Health Job Summary The Identity & Access Management Security Engineer participates in the development, testing, implementation, and...  ..., IAM Vendor Certification (like SailPoint, Azure AD, etc.), Cloud Certification, SAFe Agile Certifications. Language (Other... 
    Cloud
    For contractors
    Work at office
    Local area
    Remote work

    Highmark Health

    Boston, MA
    3 days ago
  •  ...Cloud Security Engineer Experience in Amazon security solutions Expert in cyber security Should be able to do assessment of security risks, threats, vulnerabilities, monitoring and risk mitigation Should be able to use Nessus and other container scanning tools... 
    Cloud

    Cardinal Integrated

    Somerville, MA
    2 days ago
  • $140.8k - $176k

    A technology company is looking for a Senior Software Engineer to join its Security Products team. The role involves designing high-performance security solutions and mentoring junior engineers. Candidates should have extensive experience in software engineering, particularly... 
    Cloud
    Remote job

    DigitalOcean

    Boston, MA
    3 days ago
  • Boston Children's Hospital is seeking a skilled DevOps Engineer to lead cloud computing functions. The role involves designing and implementing cloud solutions across AWS, Azure, and GCP, and requires strong scripting skills with Python and PowerShell. The ideal candidate... 
    Cloud
    Flexible hours

    Boston Children's Hospital

    Boston, MA
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead Cloud Security/AppSec Engineer. Be the first to apply!