About Workstreet

At Workstreet, we're on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks, including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP---empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one

The Opportunity

We are seeking a Cloud Security Engineering Manager to lead and scale our cloud security practice. In this role, you will build and manage a team of cloud security engineers, oversee the delivery of secure cloud architectures, and drive strategic initiatives that strengthen clients' cloud security postures across AWS, GCP, and Azure environments. You will serve as a technical leader and trusted advisor to clients while establishing engineering standards, automation frameworks, and compliance methodologies for our cloud security services.

What You'll Do

Leadership & Team Management

• Build and Lead the Cloud Security Engineering Team: Recruit, mentor, and develop cloud security engineers across varying skill levels, fostering a culture of technical excellence and continuous improvement.
• Oversee Cloud Security Delivery: Manage the planning, scoping, implementation, and delivery of cloud security engagements including architecture reviews, security automation, and compliance implementations.
• Quality Assurance & Technical Review: Review cloud security architectures, infrastructure-as-code implementations, and security automation workflows to ensure they meet industry standards and client requirements.
• Resource Planning & Allocation: Balance team capacity across client engagements, internal R&D projects, and professional development initiatives while maintaining high-quality service delivery.

Strategic & Client-Facing Responsibilities

• Client Advisory & Relationship Management: Serve as the primary technical point of contact for cloud security clients, translating complex security and compliance requirements into practical, scalable cloud architectures for technical and executive audiences.
• Cloud Security Program Development: Design and implement cloud security frameworks, reference architectures, standard operating procedures, and automation playbooks aligned with compliance requirements (SOC 2, CMMC, FedRAMP, ISO 27001, HIPAA).
• Scoping & Solution Architecture: Lead technical scoping discussions, design cloud security solutions, define implementation roadmaps, estimate effort, and contribute to proposal development for new cloud security opportunities.
• Cross-Functional Collaboration: Partner with sales, compliance, and engineering teams to deliver integrated security solutions that align with client needs and organizational growth objectives.

Technical Excellence & Innovation

• Maintain Technical Leadership: Stay current with emerging cloud security technologies, threat landscapes, compliance requirements, and industry best practices through hands-on engineering and continuous research.
• Security Automation & Tooling: Architect and oversee development of infrastructure-as-code (IaC) frameworks, security automation pipelines, and compliance-as-code solutions using Terraform, CloudFormation, Python, and CI/CD integration.
• Cloud Security Architecture: Design multi-cloud security architectures incorporating Zero Trust principles, identity-centric security models, network segmentation, encryption strategies, and defense-in-depth controls.
• Thought Leadership: Contribute to cloud security research, develop technical content, present at conferences or webinars, and establish Workstreet as a recognized authority in cloud security engineering.

Who You Are

Required Qualifications

• 5+ years of hands-on cloud security engineering experience across AWS, GCP, or Azure environments with deep expertise in at least two of the three major cloud platforms.
• 2+ years in a leadership or team management role, demonstrating the ability to mentor engineers, manage complex projects, and drive team performance.
• Deep technical expertise in cloud security architecture, IAM, network security, encryption, logging/monitoring, and infrastructure-as-code (Terraform, CloudFormation, Pulumi).
• Strong compliance framework experience implementing controls for SOC 2, ISO 27001, CMMC, NIST 800-171/800-53, FedRAMP, HIPAA, or GDPR.
• Proficiency with security automation using Python, Bash, PowerShell, or similar scripting languages to enforce security controls and streamline operations.
• Experience with cloud-native security tools: AWS Security Hub, GuardDuty, Config, CloudTrail; Azure Security Center, Sentinel; GCP Security Command Center, Chronicle.
• Relevant certifications such as AWS Certified Security - Specialty, GCP Professional Cloud Security Engineer, Azure Security Engineer Associate, CISSP, CCSP, or equivalent.
• Excellent communication skills: Ability to articulate complex technical concepts to both technical and executive audiences with clarity and business context.
• Fluency in written and spoken English with strong client-facing communication skills.
• Amenable to working during US Eastern Time zone hours.

Preferred Qualifications

• Additional certifications: CISM, CISA, CCSK, Certified Kubernetes Security Specialist (CKS), or advanced cloud architecture certifications.
• Experience with container and Kubernetes security (Docker, EKS, GKE, AKS) and cloud-native security platforms (Prisma Cloud, Aqua Security, Wiz).
• Hands-on experience with SIEM platforms (Splunk, Sentinel, Chronicle), IDS/IPS, EDR/XDR, and vulnerability management solutions.
• Familiarity with DevSecOps practices including security integration into CI/CD pipelines, SAST/DAST, and shift-left security principles.
• Understanding of Zero Trust architecture, identity federation (SAML, OAuth, OIDC), and modern identity platforms (Okta, Azure AD, AWS IAM Identity Center).
• Prior experience in a startup or high-growth technology environment managing technical teams and client relationships.
• Track record of published technical content, conference presentations, or open-source contributions related to cloud security.

Nice to Have

• Experience building and scaling cloud security programs from the ground up.
• Background in security operations, incident response, or threat detection and response.
• Familiarity with multi-cloud security orchestration and unified security posture management across cloud platforms.
• Understanding of FinOps practices and cost optimization strategies for security tooling.
• Experience managing client relationships in consulting or professional services environments.

Knowledge of federal compliance requirements for government contractors (CMMC, FedRAMP, NIST 800-171).