Cloud Security Engineer

San Francisco, CA, United States

Our Mission

At Unison, we’ve built a smarter way to unlock home equity, without interest, debt, or monthly payments. Our Vision is to Optimize Homeownership by providing the missing products and expert advice to empower our customers - both consumers and institutional investors - to optimally own and invest in Residential Real Estate. Unison is a mission-driven company and we’re looking for ambitious individuals to help us grow.

Your Mission

In this role, the Cloud Security Engineer will report to the Director of Information Security and support the execution of the IT security vision and risk management strategy. Your mission is to ensure that the design and implementation of the security measures are commensurate with the security policies and standards to assure that our data and systems are secure. This position involves ongoing assessment of risks and vulnerabilities and identifying security design or implementation shortcomings in current products and services. You will contribute to the continuous enhancement of our cybersecurity controls, including associated playbooks, workflows, processes, and procedures.

Within 1 month, you’ll:

Build relationships with our IT and Engineering teams to understand their pain points and the tools and technologies that they use.

Have working knowledge of our AWS cloud architecture.

Within 3 months, you’ll:

Understand IAM roles used in our AWS accounts.

Gain comprehension of encryption protocols and data safeguarding measures used within our cloud environments.

Conduct risk assessments of our cloud infrastructure and applications, identify security gaps, and develop mitigation strategies.

Collaborate closely with Engineering to enhance and deploy AWS-native monitoring solutions effectively.

Within 6 months, you’ll:

Manage and implement AWS cloud security controls.

Ensure compliance with industry standards, regulations, and best practices related to cloud security.

Develop incident response plans and participate in incident response activities as needed.

Develop scripts, automation tools, and workflows to automate security processes, streamline operations, and enhance overall efficiency.

Responsibilities:

Cloud Security Architecture: Manage and implement security controls to ensure the confidentiality, integrity, and availability of our cloud-based systems and data.

Security Compliance: Ensure compliance with industry standards, regulations, and best practices related to cloud security (e.g., CIS, PCI DSS, ISO 27001).

Risk Assessment and Mitigation: Conduct risk assessments and vulnerability scans of cloud infrastructure and applications, identify security gaps, and develop mitigation strategies to address potential threats.

Security Monitoring and Incident Response: Establish proactive security monitoring and alerting mechanisms to detect and respond to security incidents in real-time. Develop incident response plans and participate in incident response activities as needed.

Identity and Access Management (IAM): Develop robust IAM policies and access controls to ensure proper authentication, authorization, and accountability for cloud resources and services, based on least privilege.

Encryption and Data Protection: Implement encryption mechanisms and data protection controls to safeguard sensitive information in transit and at rest in the cloud environment.

Security Automation and Orchestration: Develop scripts, automation tools, and workflows to automate security processes, streamline operations, and enhance overall efficiency.

Security Training and Awareness: Provide security training and awareness programs to educate employees and stakeholders on cloud security best practices, policies, and procedures. Serve as a subject matter expert and provide expertise on topics related to cloud security.

Collaboration and Communication: Work closely with cross-functional teams, including Engineering and IT operations to refine and implement AWS native monitoring tools.

Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and security technologies in the cloud computing space. Continuously evaluate and enhance security controls and practices to mitigate evolving risks.

About you

As a cloud security professional, you are passionate about protecting systems and data, and assuring cloud security controls are operating efficiently and effectively. You develop and update security-related documentation and collaborate with technical teams to ensure the implementation of top-tier security measures throughout the AWS cloud ecosystem. You build cross-functional relationships by partnering with other teams and helping them understand the security controls and can offer compensating controls when compliance cannot be met with existing controls. You exemplify our values, have a drive to succeed, and your experience includes:

Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering, Cybersecurity, or related field.

5+ years’ experience applying security standards and enterprise practices to Amazon Web Services (AWS).

Industry relevant professional certifications including but not limited to: CISSP, CCSP, AWS Solutions Architect – Professional, AWS Certified Security – Specialty

Strong understanding of serverless technologies and security implications deployed in public cloud – AWS Lambda, Containers (ECS Fargate, EKS)

Demonstrated understanding of security in core AWS services (EC2, ECS, Lambda, IAM)

SIEM tools experience (e.g.: Panther, NewRelic,, etc.)

Knowledge of risk management and NIST Cybersecurity Framework controls

What does Unison offer?

The base salary range for this role is $130,000 to $160,000 and the job duties must be performed from our San Francisco, CA office. This range does not include bonus potential, equity, or additional benefits that the company may provide. The base salary offered will be determined by a wide array of factors such as experience, skills, certifications, and education. Decisions will be determined on a case-by-case basis.

We provide company paid medical, dental and vision insurance coverage

Employee Recognition Program A brand new MacBook or ThinkPad with plug and play capabilities for in office or at home use

Extensive Employee Assistance Program

Company options, so as the company grows, you grow with it!

A healthy bonus or commission plan offered based on role

We value team culture and enjoy interacting with colleagues,  hanging out after work any day of the week

A lot of room for personal development and growth and a $2,000 stipend to help you get there

A start-up environment in which you can make a difference.

Multiple different opportunities to join company groups to make a culture impact (i.e. DEIB Committee, Fun Committee, Book Clubs, Toastmasters)

Unison provides equal employment opportunity to all individuals regardless of their race, age, creed, color, religion, national origin or ancestry, sex, gender, disability, veteran status, genetic information, sexual orientation, gender identity or expression, pregnancy, or any other characteristic protected by state, federal, or local law.