Qu's mission is to deliver world-class enterprise software to help restaurant chains thrive in the face of increasing complexity, opportunities, and challenges.
Based in Rosslyn, VA, Qu is backed by leading Silicon Valley investors that have also backed Google, Uber, and Dropbox.
We are building an Agile Security Operations team where you'll own the design and implementation of our threat detection and monitoring capabilities. This role offers an exciting opportunity for a security engineer who wants to take ownership of building comprehensive detection capabilities from the ground up, bridging the gap between security theory and operational reality.
What You'll Own
Application Security
- Implement and enhance secure code review practices with tools like SonarQube and Semgrep
- Automate SAST/DAST scanning in CI/CD pipelines for services, APIs, and containers
- Manage open-source library risk: SBOM generation, dependency scanning, CVE and license tracking
- Partner with developers to remediate findings and embed security into code review and release workflows
- Support penetration testing efforts and coordinate remediation of web, API, and business logic vulnerabilities
AWS Cloud Security
- Work with our Cloud Security Posture Management solution to improve security controls across our AWS environment, including ECS/ECS-Anywhere workloads
- Own the configuration and optimization of AWS security services (GuardDuty, Security Hub, Config, CloudTrail)
- Take ownership of encryption strategies using AWS KMS, certificate management, and secrets management
Container & Serverless Security
- Secure our ECS and ECS-Anywhere container deployments with runtime protection and monitoring
- Implement container image scanning and vulnerability management workflows
- Design security frameworks for Lambda functions and serverless architectures
- Build security automation for container and function lifecycle management
AI & Emerging Technology Security
- Contribute to the development and security of Qu’s AI infrastructure, including AWS Bedrock, Lambda, agentic frameworks, and Model Context Protocol (MCPs)
- Implement prompt hardening, secrets protection, and access controls for AI-powered services
- Develop security monitoring and response strategies for AI agents and workloads
- Research and integrate best practices for AI model security, data protection, and compliance
Compliance & Governance
- Ensure application and cloud environments meet SOC 2, PCI, and ISO compliance requirements
- Implement automated compliance monitoring, drift detection, and reporting
- Design and maintain security baselines and configuration standards
- Create compliance evidence collection workflows aligned to developer pipelines
What You Bring
AWS & Cloud Security Expertise
- Experience securing containerized applications (ECS, Docker) and serverless workloads (Lambda) in AWS
- 2+ years of hands-on AWS security experience with demonstrated expertise in services like GuardDuty, Security Hub, Config, and CloudTrail
- AWS Security Specialty, Solutions Architect Professional, or equivalent certification (or readiness to earn certification)
Application Security Expertise
- Experience working in SaaS
- Strong knowledge of secure development practices and code review processes
- Hands-on experience with SAST/DAST tools (e.g., SonarQube, Sentry, Wiz, Tenable Vulnerability Management, Snyk, Chainguard, Upwind, Orca)
- Experience with dependency and container image scanning (Trivy, Grype) and SBOM generation
- Familiarity with penetration testing for web apps, APIs, and business logic vulnerabilities
AI & Emerging Technology Security
- Experience (or strong interest) in securing AI services such as AWS Bedrock, agentic frameworks, or Model Context Protocol (MCPs)
- Understanding of prompt injection risks, model misuse, and secure integration of AI/LLM agents
- Ability to design controls for AI data protection, secrets management, and monitoring AI-driven workloads
Technical Leadership & Automation
- Proven track record of designing and implementing security architecture from scratch
- Experience with Infrastructure as Code (CloudFormation, Terraform) for security automation
- Proficiency in scripting (Python, PowerShell, or similar) to build automations and incident response workflows
- Strong knowledge of runtime protection and continuous monitoring for containers and cloud services
Ownership & Innovation
- History of building security controls that scale with rapid business growth and technical debt
- Ability to work independently while collaborating effectively with DevOps and product engineering teams
- Strong problem-solving mindset with a bias for action and continuous improvement
- Customer-focused approach to balancing business needs, compliance, and security requirements
Why Join Qu?
- AWS Expertise Valued: Your AWS certification and cloud security expertise will be central to our success
- Architecture Ownership: Design and build cloud security architecture that supports millions of restaurant transactions
- Innovation Platform: Work with cutting-edge AWS services and emerging cloud security technologies
- Growth Opportunity: Build security capabilities that scale from startup to enterprise as Qu grows
- Industry Impact: Protect critical restaurant operations while enabling digital transformation
Ready to own AWS security at Qu and help restaurants thrive securely in the cloud? Let's talk!