Senior Cloud Security Engineer

Who We Are 

Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats. 

Position Overview 

Legato Security is seeking a Senior Cloud Security Engineer to join our Security Engineering team. This pivotal role focuses on helping our customers secure their cloud-native environments. The ideal candidate is a subject matter expert in Cloud Security Posture Management (CSPM), specifically with Wiz, and possesses a strong foundational background in Application Security (AppSec). You will be responsible for identifying architectural weaknesses, automating security guardrails, and mentoring junior engineers to foster a robust security culture. As part of Legato’s managed security services (MSSP) practice, this engineer will serve as a dedicated resource for key client accounts, providing managed administration of cloud security tooling and ongoing AppSec scanning support via SAST and DAST programs.

Specific Job Responsibilities 

• Lead the onboarding, configuration, and continuous monitoring of Wiz for client tenants, ensuring visibility across AWS, Azure, and GCP.
• Conduct application security assessments for clients using tools, e.g. Checkmarx, Snyk, Burp Suite, and SonarQube, providing prioritized remediation roadmaps.
• Act as a dedicated Virtual Security Engineer for key accounts, attending client architectural reviews and providing expert security guidance on cloud migrations.
• Collaborate with client DevOps and engineering teams to integrate security "guardrails" into their specific CI/CD pipelines.
• Lead threat modeling sessions for client applications and assist the sales engineering team in scoping complex cloud security projects.
• Create high-quality technical reports and executive summaries that translate tool findings into business risk and actionable improvements.
• Participate in an on-call rotation for critical security incidents and client emergencies; after-hours escalations are infrequent but require a timely and professional response when they occur.

 Required Qualifications 

Perks 

• Start-up company in a growth phase with opportunity for advancement based on performance 

• Start-up culture with an office in downtown Salt Lake City, UT 

• Competitive medical and dental benefits for employee and family members 

• Other company-provided benefits such as short-term disability, basic life insurance, children’s orthodontia, with additional voluntary benefits available, and 401K match 

• Flexible Paid Time Off policy 

• Professional Development opportunities specific to role