Cloud Security Engineer (Unable to consider OPT/CPT Candidates) East Coast residents only – SW 000009 – Fully Remote
Primary Location
– United States-California-BelmontDescription
VW. Two letters. Endless opportunities. A bright future.
Innovation. Sophistication. Optimization. This is our Passion.
Worldwide, the Volkswagen Group has a long tradition of dramatic innovations. The Volkswagen Group with its headquarters in Wolfsburg, is one of the world’s leading automobile manufacturers and the largest carmaker in Europe. The Group comprises twelve brands from seven European countries: Volkswagen Passenger Cars, Audi, SEAT, ŠKODA, Bentley, Bugatti, Lamborghini, Porsche, Ducati, Volkswagen Commercial Vehicles, Scania and MAN. Here in the US, we are blending German engineering with American ingenuity.
The Center of Excellence within the ADMT LLC focuses on applied research and pre-development with the goal of evaluating and/or develop and transfer innovative technology from industries and research institutions into the autonomous driving domain for technology/supplier decisions and to build the strategic base for a further development of a VW Group owned vertical, integrated AD-stack.
· CANDIDATES MUST RESIDE ON THE EAST COAST FOR CONSIDERATION.
· WE ARE UNABLE TO CONSIDER INTERNATIONAL/OPT/CPT CANDIDATES
Cloud Security Engineer
Role Summary
ADMT represents the Volkswagen Group as its driver for building self-driving technology. With experienced leaders in the field and collaborative partnerships with some of the world’s largest automakers, we’re building self-driving technology that is engineered to scale globally and transform mobility for millions. Talented individuals join our team because they share our purpose to make it safe, easy, and enjoyable for everyone to get around. We aspire to impact key industries that move people and goods, from ride hailing to deliveries.
As the Cloud Security Engineer, you’ll be responsible to ensure strong cybersecurity across cloud, embedded, and infrastructure systems supporting autonomous vehicle development, testing, and deployment in ADMT/MOIA, the Cyber Security Engineer will be responsible for safeguarding critical assets including cloud platforms, vehicle telemetry, AI models, real-time systems, and sensitive data while ensuring adherence to industry standards. This is a hands-on role that requires deep expertise in securing cloud-native infrastructure, services, and workloads. The Security Engineer will work closely with DevOps, Platform, and Application teams to architect, implement, and enforce security best practices across all stages of the development and deployment lifecycle
Role Responsibilities
· Work alongside security engineers and analysts for adopting best practice security in the cloud (Azure)
· Guide and perform security activities including threat modeling and vulnerability analysis, code review, and security testing.
· Ensure teams are validating for OWASP top 10, CWE/SANS top 25 and performing industry leading application security practices.
· Contribute to the development and delivery of security training programs.
· Partner with Engineering Teams to troubleshoot security vulnerabilities. identify root cause, fix and document problems, and implement preventive measures
· Ensure ongoing compliance of cloud hosted infrastructure to security policies and procedures
· Analyze and prioritize reports from internal and external engineering teams; facilitate confirmed issues to resolution with engineering teams
· Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures
· Drive the integration and ongoing monitoring of cloud systems events and alerts into SecOps
· Performs security assessments and recommends mitigation strategies or improvements based on security best practices
· Conducts vulnerability assessments and monitors systems, networks, and databases for possible security breaches and recommends improvements.
· Assess large, complicated cloud-hosted services from a threat-centric view to determine where threats could take advantage of vulnerable configurations
· Serve as key liaison between Development teams and SecOps to prioritize and implement technology projects
· Design, Develop, Install, and configure security solutions that meet organization requirements
· Recommend and implement changes to enhance systems security and prevent unauthorized access
Qualifications
Qualifications
- 5 – 7 years of experience in technical aspects of cloud, applications, web or mobile
- 3+ years of experience in IT security functions
Education
Required
B.S. in Information Technology, Computer Science or equivalent work experience
Desired
· Masters in Information Technology, Computer Science (or related education)
Required Skills
Hands-on experience with SIEM platforms for real-time monitoring, audit, and incident response, including:
· Splunk, Elastic Stack (ELK), or Sumo Logic
· Integration of SIEM tools with cloud-native services and Kubernetes environments
· Use of log aggregation, correlation rules, and alerting for detecting misconfigurations or unauthorized access
Proficiency in Infrastructure-as-Code (IaC):
· Terraform (strongly preferred), CloudFormation, AWS CDK
Experience with cloud-native security tools, such as:
· Wiz, Prisma
· AWS Security Hub, GuardDuty, Config
· Azure Defender, Sentinel
· GCP Security Command Center, Forseti
Strong knowledge of:
· IAM (RBAC/ABAC), least privilege principles
· VPC/networking, security groups, flow logs, private endpoints
· Encryption, TLS, key management (KMS), and secrets management (e.g., HashiCorp Vault, AWS Secrets Manager)
Container and Kubernetes security expertise, including:
· PodSecurityPolicies, Pod Security Standards (PSS), Runtime security tools like Falco
· Policy-as-code using OPA/Gatekeeper, Kyverno, or KubeArmor
· Secure image scanning and supply chain security tools (e.g., Trivy, Grype, Snyk)
Experience in automating security testing and remediation in CI/CD pipelines using DevSecOps principles
· Familiarity with data telemetry, V2X communications, or OTA infrastructure is a strong plus
· Demonstrated ability to conduct cloud security audits and generate actionable insights for compliance and incident response Specialized Skills
Desired
· One or more of AWS, Azure, or GCP Certification
· CISSP and/or GIAC or similar professional security certifications highly preferred
Work Flexibility
· Accommodation for working time zone differences between international locations as needed
· Travel is estimated to be 10%.
· Role requires flexibility in daily schedule, including early morning meetings with Europe, evenings for the West
In Silicon Valley, the salary range for this role will be $125,000 – $145,000, depending on education and years of relevant experience.
Salary is determined by geographical location and adjusted accordingly.
Volkswagen Group of America is an Equal Opportunity Employer. We welcome and encourage applicants from all backgrounds, and do not discriminate based on race, sex, age, disability, sexual orientation, national origin, religion, color, gender identity/expression, marital status, veteran status, or any other characteristics protected by applicable laws.
#LI-CK1
#LI-REMOTE