Develop and enforce IAM best practices, including zero-trust models and privileged access controls across IaaS and SaaS.
Drive cloud data security controls including classification, encryption/KMS, masking/tokenization, access governance, retention/deletion, and exfiltration risk reduction across APIs and data pipelines.
Develop automated remediation workflows for recurring cloud misconfigurations, drift, and policy violations to reduce manual effort and response time.
Requirements
We are hiring a Senior, hands-on Cloud Security Engineer to secure a large-scale, cloud-native SaaS platform.
You will be a SME for cloud security architecture across platform, IAM, network, workload, data, and AI enablement, and partner with Engineering, Security, and Product to implement scalable controls that support business growth.
Multi-Cloud Engineering: Design, implement, and continuously improve Sigma Cloud Security across AWS, GCP, and Azure environments with architect-level technical depth.
experience in Cloud Incident Response, including investigating and remediating malicious activity within cloud environments.
Security Stack Management: Deploy and manage cloud-native services (CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security).
AI : Use AI securely and effectively to scale security practices and improve team efficiency.
Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related field.
Deep technical expertise in cloud architectures AWS/Azure/GCP; including IAM, networking (VPCs, security groups, PrivateLink), and native security services is strongly desired.
Advanced understanding and
experience with container security, Kubernetes, and secure CI/CD pipeline design
Proven ability to demonstrate incident response
experience specifically related to cloud-based malicious activity and breach remediation.
Advanced Cloud IAM expertise: federation, SSO, PAM/JIT access, service identities, and least privilege design.
Strong knowledge of security platforms such as CNAPP (Wiz), WAF (Cloudflare), SASE (Netskope)
Demonstrated ability to lead cloud/saas architecture reviews and influence senior engineering stakeholders. •
Experience securing data platforms (nice to have) - Snowflake, Databricks, BigQuery etc. •
Experience in high-growth SaaS or data platforms Organizations (nice-to have) Prior
experience in Platform Engineering, DevSecops or similar (nice-to have)
Certifications (Preferred): Professional-level cloud certifications are required, such as:
AWS: Certified Security – Specialty or Solutions Architect – Professional.
Azure: AZ-500 (Security Technologies) or AZ-305 (Solutions Architect). Why Sigma?
Sigma is the AI Apps and agentic analytics platform built on the cloud data warehouse.
Sigma supports a spreadsheet interface, SQL, Python, and native AI in a single governed workspace, giving every team the speed to act and IT the control to scale.
Note: We have an in-office work environment in all our offices in SF, NYC, London and Sydney. Sigma’s use of AI
This hiring process utilizes artificial intelligence tools to assist in candidate screening and assessment. Our AI tools are designed to complement, not replace, human decision-making.
Experience
Minimum 7+ years in Security roles with at least 5+ years focused on Cloud security engineering,IAM, and Data security
Benefits
The base salary range for this position is $210k - $240k annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience.
Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Sigma Computing.
This role is eligible for stock options, as well as a comprehensive benefits package. About us:
Generous health benefits
Flexible time off policy. Take the time off you need!
Paid bonding time for all new parents
Traditional and Roth 401k
Additional details
This is an engineering-first role for someone who builds security solutions—not just manages tools.
You’ll design secure architectures, embed controls into infrastructure-as-code, and build automated guardrails so teams can move fast without waiting on manual security approvals.
We’re looking for a builder-defender who thrives in complex cloud environments, automates aggressively (“let the robots do the work”), and can scale cloud security for a fast-moving SaaS company. What You’ll Do
Architectural Leadership: Partner deeply with infrastructure and engineering teams to embed security into development workflows, leading high-level technical discussions to guide security efforts and strategic priorities.