Cloud Application Security Engineer

Description

The Cloud Application Security Engineer is responsible for securing Hyper’s cloud-native web platform and the software development lifecycle that supports it. This role works directly with engineering teams to identify, understand, and remediate security risks in applications and infrastructure.

This position focuses on embedding security into how software is built, deployed, and operated. The role emphasizes practical, hands-on security work—reviewing code, improving system design, and helping engineers build secure systems—rather than operating as a separate audit or ticketing function.

Core Responsibilities

• Conduct secure code reviews, threat modeling, and security-focused design reviews for new and existing features 
• Identify and remediate common web application vulnerabilities aligned with OWASP Top 10 
• Help design and improve secure application architectures in collaboration with engineering teams 
• Own the security configuration of AWS environments including IAM, Security Hub, GuardDuty, WAF, Secrets Manager, VPC security groups, and CloudTrail 
• Integrate and maintain SAST, DAST, and dependency scanning tools within CI/CD pipelines 
• Perform vulnerability assessments across applications and cloud infrastructure and track remediation to closure 
• Support SOC 2 Type II readiness by contributing to security controls, documentation, and evidence collection 
• Develop and maintain incident response processes including investigation, containment, and post-mortem analysis 
• Work closely with engineers to implement secure coding practices and improve overall system security 

Additional Responsibilities

• Provide guidance and education to engineering teams on secure development practices 
• Support onboarding of engineers with security best practices and expectations 
• Maintain documentation for security processes, controls, and architecture 
• Contribute to improving security tooling, automation, and workflows 

Requirements

• 4–7 years of experience in application security, product security, or cloud security engineering 
• Experience securing modern web applications and understanding common vulnerability patterns 
• Hands-on experience with AWS security services (IAM, Security Hub, GuardDuty, WAF, etc.) 
• Experience using SAST, DAST, or SCA tools in development workflows 
• Strong understanding of OWASP Top 10 and practical remediation approaches 
• Experience with threat modeling applied to real systems 
• Experience supporting or participating in SOC 2 audits or similar compliance frameworks 
• Experience working directly with software engineers to remediate security issues in applications 
• Strong communication skills and ability to work closely with engineering teams 

Preferred

• Experience with Node.js, PostgreSQL, or similar backend systems 
• Familiarity with frontend security concerns (e.g., XSS, authentication flows, token handling) 
• Experience with tools such as Snyk, Semgrep, OWASP ZAP, or similar 
• Experience with compliance automation tools such as Vanta, Drata, or Secureframe 
• Experience building or improving security practices in a startup or growth-stage company 
• Scripting or automation experience (Python, Bash, or similar) 
• Relevant certifications: AWS Security Specialty, OSCP, CISSP, or equivalent 

Why Hyper?

Hyper Solutions is building next-generation infrastructure and software systems that power critical business operations. This role offers the opportunity to work directly with engineers to improve how secure software is built and deployed. You’ll help strengthen application security practices while contributing to scalable, high-impact systems across the organization.

Hyper offers competitive benefits including medical, dental, vision, and 401(k), along with strong opportunities for growth as the company scales.

Location

Onsite in Richmond, VA, or remote depending on candidate location and business needs.

Remote employees may be expected to travel periodically for team collaboration.

Hyper Solutions is an Equal Opportunity Employer.

We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability, genetic information, veteran status, or any other protected status under applicable laws.

All applications will be used exclusively for selection purposes and handled confidentially by authorized personnel only. Your application may also be considered for other suitable positions within Hyper Solutions, Inc.

Please note that Hyper Solutions is currently unable to offer visa sponsorship, and applicants must be authorized to work in the U.S. without the need for sponsorship now or in the future.