{"schemaVersion":"jobsearcher.job.v1","id":"daa3efe53d5f9c538892bcfa","url":"https://jobsearcher.com/jobs/daa3efe53d5f9c538892bcfa","canonicalUrl":"https://jobsearcher.com/jobs/daa3efe53d5f9c538892bcfa","title":"Cloud Security Engineer","description":"Founded in 2014, ButterflyMX is on a mission to empower people to open and manage doors & gates from a smartphone. Our products are installed in more than 10,000+ multifamily, commercial, gated communities, and student-housing properties worldwide, including properties developed, owned, and managed by the most trusted names in real estate.\n\nOur features are designed for developers, owners, property managers, and tenants. And our products lower operating costs and improve tenant satisfaction. Developers and owners no longer need to run building wiring or install in-unit hardware. Property managers can grant building access, revoke permissions, and review entry logs from an online dashboard. Residents can open doors from their smartphones, issue visitor access, and see who is trying to enter the building.\n\nFantastic people are the key to our success. As a distributed, primarily remote workforce, we’re looking for more intelligent, passionate, collaborative, and down-to-earth individuals to join our growing team. Our culture is transparent and flexible; our benefits range from a 401(k) match to quarterly stipends for self-care. While we work incredibly hard to improve the experience of everyone who lives, works, and visits our communities, we always have time for a good laugh.\n\nAre you ready for an exciting, unique & game-changing opportunity? Join us as our first Security Engineer at ButterflyMX, where you will assume a pivotal role in delivering substantial value to the organization by prioritizing the protection of clients', tenants’ & employees' information assets, ensuring the comprehensive security of systems & data. You will mature, build, scale & operationalize our information security program as our first dedicated security engineer. Your expertise will be instrumental in safeguarding our innovative solutions & protecting our valuable assets &, most importantly, our customers & tenants.\n\nAs our Cloud Security Engineer at ButterflyMX, you'll be a leader wearing multiple “security hats” to ensure the resilience, safety, confidentiality, availability & integrity of our cloud, IoT, mobile, web-based solutions & data throughout the environment. This role will report directly into our VP of Information Security & Privacy.\n\nWhat you'll do...\n\nDesign, implement, mature & maintain our robust security controls & processes across our technology stack to protect sensitive data & systems\nLead vulnerability management & remediation efforts to improve the security posture & resiliency of ButterflyMX – prioritizing issues, implementing mitigations, & designing strategic preventative controls\nExtend our detection & response capabilities – building scalable solutions to identify malicious activity, triage alerts, & investigate & remediate incidents\nDrive security incident response efforts, including containment, investigation, recovery, post-incident analysis, lessons learned & ensuring remediation\nEnsure security controls are implemented to enable compliance with industry standards, regulations, frameworks,& best practices (e.g., SOC2, ISO, NIST, CIS, GDPR, CCPA)\nEvaluation, analysis & implementation of new security technologies & solutions to enhance the organization’s security posture\nCollaborate with cross-functional teams to integrate security seamlessly into our product development lifecycle\nStay up-to-date with the latest security threats, technologies, & trends to proactively protect our systems\nDevelop & conduct regular security awareness training & security education programs for employees\nServe as a point of contact for customers & partners regarding security-related inquiries.\nFoster a culture of security awareness & accountability throughout the organization.\nRequirements\n5+ years of security engineering experience building, managing & scaling security operations at a fast-paced, agile/dynamic, cloud native, technology-driven startup\nYou enjoy working as a security engineer in organizations that develop software as a service &/or operate managed infrastructure & technology services for their own customers\nExperience securing a tech stack/solution that includes SaaS, Mobile, & IoT\nExperience working with cross-functional teams to identify & mitigate security, compliance & data privacy risks\nProficiency with deploying, operationalizing & managing security solutions in a remote first organization, with a cloud tech stack built for providing SaaS\nAWS Security SME - experiential knowledge of securing EC2, S3, Lambda, EKS\nAWS Security Stack Experience - WAF, Inspector, Security Hub, GuardDuty, etc..\nSecurity Overlay Solutions: EDR, SIEM, CNAPP/CSPM, DSPM, DLP, IDS/IPS..\nGoogle Workspace, Apple, Windows, MDM, Secure Email Gateway\nExtensive experience & expertise across multiple security domains including cloud security, data security, network security, application security, incident management, threat/vulnerability/patch/configuration management, identity & access management\nStrong understanding of security best practices, frameworks, standards, & compliance requirements, & particularly how these apply to a startup environment through enterprise environments. Experience maturing security controls as an organization matures\nExperience maintaining SOC 2 Type II compliance & associated security controls within an organization\nDemonstrated technical expertise in implementing data privacy controls & safeguards to include facilitating the deployment of technical measures to ensure compliance with data privacy regulations such as GDPR & CCPA\nExpertise in DevSecOps practices, such as automating security testing within CI/CD pipelines & conducting static & dynamic code analyses, through remediation of findings\nExperience automating security controls. Proven technical proficiency using Terraform & other infrastructure as code tools, with a strong track record of managing vulnerabilities in ephemeral cloud infrastructure environments\nIncident response management: Experience in developing & implementing incident response plans, conducting investigations, & managing security incidents effectively\nDemonstrated ability to educate an engineering audience about technical application security vulnerabilities, i.e., OWASP Top Ten, OWASP API Security Top 10\nAdept in a data-driven approach for decision-making & a risk-based mindset to prioritize & address security concerns effectively\nExperience with implementing Security & Privacy by design principles into a development lifecycle involving incorporating threat modeling to identify potential risks & ultimately design appropriate security controls.\nCustomer focused & Solution oriented, Enthusiastic, Empathetic, Adaptable/Flexible, Bias for Action, Forward thinking, Optimistic, Trusted Advisor. Everyone is a customer & everyone is on the security team!\nA strong inclination to dive into the details, actively engaging in hands-on work.\nContinuous improvement mindset. Pursues ongoing professional development, stays updated with emerging threats & technologies\nIndustry certifications such as AWS Security Certified, CISSP, CCSP, CSSLP, GXPEN, OSCP, SANS Certifications, Burp Suite Certified, Security+, CEH, CIPP, CIPT\nBenefits\nComprehensive Medical (ButterflyMX covers 90% of the cost) starting day 1\nDental and Vision plans (ButterflyMX covers 100% of the cost) starting day 1\n401(k) plan with a match\n13 paid holidays and 25 days of PTO\nPaid Family Leave\nEmployee Assistance Program\nQuarterly self-care stipends\nHealthAdvocacy Program\nAccess to optional benefits, including pre-tax flexible healthcare spending accounts (FSA and HSA), Dependent Care FSA, and Commuter Benefits, as well as optional Supplemental Life, AD&D, Hospital Indemnity, Disability, Legal, Accident, Critical Illness, Pet, and Personal Liability Insurance\nCollaborative, dynamic work environment filled with kind, intelligent people who are working hard on an industry-defining product\n\nEEO STATEMENT\nButterflyMX is an equal-opportunity employer, and we value diversity at our company. We strive to create an accessible and inclusive experience for all candidates and employees. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. You must have the authorization to work in the US to become an employee. Please let our recruiting team know if you need reasonable accommodation during the application or the recruiting process.","company":"Butterflymx","rawCompany":"butterflymx","city":"Remote","state":"OR","isRemote":false,"isActive":false,"createdAt":"2026-04-12T21:14:05.940Z","occupations":[{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"},{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Cloud Security Engineer","description":"Founded in 2014, ButterflyMX is on a mission to empower people to open and manage doors & gates from a smartphone. Our products are installed in more than 10,000+ multifamily, commercial, gated communities, and student-housing properties worldwide, including properties developed, owned, and managed by the most trusted names in real estate.\n\nOur features are designed for developers, owners, property managers, and tenants. And our products lower operating costs and improve tenant satisfaction. Developers and owners no longer need to run building wiring or install in-unit hardware. Property managers can grant building access, revoke permissions, and review entry logs from an online dashboard. Residents can open doors from their smartphones, issue visitor access, and see who is trying to enter the building.\n\nFantastic people are the key to our success. As a distributed, primarily remote workforce, we’re looking for more intelligent, passionate, collaborative, and down-to-earth individuals to join our growing team. Our culture is transparent and flexible; our benefits range from a 401(k) match to quarterly stipends for self-care. While we work incredibly hard to improve the experience of everyone who lives, works, and visits our communities, we always have time for a good laugh.\n\nAre you ready for an exciting, unique & game-changing opportunity? Join us as our first Security Engineer at ButterflyMX, where you will assume a pivotal role in delivering substantial value to the organization by prioritizing the protection of clients', tenants’ & employees' information assets, ensuring the comprehensive security of systems & data. You will mature, build, scale & operationalize our information security program as our first dedicated security engineer. Your expertise will be instrumental in safeguarding our innovative solutions & protecting our valuable assets &, most importantly, our customers & tenants.\n\nAs our Cloud Security Engineer at ButterflyMX, you'll be a leader wearing multiple “security hats” to ensure the resilience, safety, confidentiality, availability & integrity of our cloud, IoT, mobile, web-based solutions & data throughout the environment. This role will report directly into our VP of Information Security & Privacy.\n\nWhat you'll do...\n\nDesign, implement, mature & maintain our robust security controls & processes across our technology stack to protect sensitive data & systems\nLead vulnerability management & remediation efforts to improve the security posture & resiliency of ButterflyMX – prioritizing issues, implementing mitigations, & designing strategic preventative controls\nExtend our detection & response capabilities – building scalable solutions to identify malicious activity, triage alerts, & investigate & remediate incidents\nDrive security incident response efforts, including containment, investigation, recovery, post-incident analysis, lessons learned & ensuring remediation\nEnsure security controls are implemented to enable compliance with industry standards, regulations, frameworks,& best practices (e.g., SOC2, ISO, NIST, CIS, GDPR, CCPA)\nEvaluation, analysis & implementation of new security technologies & solutions to enhance the organization’s security posture\nCollaborate with cross-functional teams to integrate security seamlessly into our product development lifecycle\nStay up-to-date with the latest security threats, technologies, & trends to proactively protect our systems\nDevelop & conduct regular security awareness training & security education programs for employees\nServe as a point of contact for customers & partners regarding security-related inquiries.\nFoster a culture of security awareness & accountability throughout the organization.\nRequirements\n5+ years of security engineering experience building, managing & scaling security operations at a fast-paced, agile/dynamic, cloud native, technology-driven startup\nYou enjoy working as a security engineer in organizations that develop software as a service &/or operate managed infrastructure & technology services for their own customers\nExperience securing a tech stack/solution that includes SaaS, Mobile, & IoT\nExperience working with cross-functional teams to identify & mitigate security, compliance & data privacy risks\nProficiency with deploying, operationalizing & managing security solutions in a remote first organization, with a cloud tech stack built for providing SaaS\nAWS Security SME - experiential knowledge of securing EC2, S3, Lambda, EKS\nAWS Security Stack Experience - WAF, Inspector, Security Hub, GuardDuty, etc..\nSecurity Overlay Solutions: EDR, SIEM, CNAPP/CSPM, DSPM, DLP, IDS/IPS..\nGoogle Workspace, Apple, Windows, MDM, Secure Email Gateway\nExtensive experience & expertise across multiple security domains including cloud security, data security, network security, application security, incident management, threat/vulnerability/patch/configuration management, identity & access management\nStrong understanding of security best practices, frameworks, standards, & compliance requirements, & particularly how these apply to a startup environment through enterprise environments. Experience maturing security controls as an organization matures\nExperience maintaining SOC 2 Type II compliance & associated security controls within an organization\nDemonstrated technical expertise in implementing data privacy controls & safeguards to include facilitating the deployment of technical measures to ensure compliance with data privacy regulations such as GDPR & CCPA\nExpertise in DevSecOps practices, such as automating security testing within CI/CD pipelines & conducting static & dynamic code analyses, through remediation of findings\nExperience automating security controls. Proven technical proficiency using Terraform & other infrastructure as code tools, with a strong track record of managing vulnerabilities in ephemeral cloud infrastructure environments\nIncident response management: Experience in developing & implementing incident response plans, conducting investigations, & managing security incidents effectively\nDemonstrated ability to educate an engineering audience about technical application security vulnerabilities, i.e., OWASP Top Ten, OWASP API Security Top 10\nAdept in a data-driven approach for decision-making & a risk-based mindset to prioritize & address security concerns effectively\nExperience with implementing Security & Privacy by design principles into a development lifecycle involving incorporating threat modeling to identify potential risks & ultimately design appropriate security controls.\nCustomer focused & Solution oriented, Enthusiastic, Empathetic, Adaptable/Flexible, Bias for Action, Forward thinking, Optimistic, Trusted Advisor. Everyone is a customer & everyone is on the security team!\nA strong inclination to dive into the details, actively engaging in hands-on work.\nContinuous improvement mindset. Pursues ongoing professional development, stays updated with emerging threats & technologies\nIndustry certifications such as AWS Security Certified, CISSP, CCSP, CSSLP, GXPEN, OSCP, SANS Certifications, Burp Suite Certified, Security+, CEH, CIPP, CIPT\nBenefits\nComprehensive Medical (ButterflyMX covers 90% of the cost) starting day 1\nDental and Vision plans (ButterflyMX covers 100% of the cost) starting day 1\n401(k) plan with a match\n13 paid holidays and 25 days of PTO\nPaid Family Leave\nEmployee Assistance Program\nQuarterly self-care stipends\nHealthAdvocacy Program\nAccess to optional benefits, including pre-tax flexible healthcare spending accounts (FSA and HSA), Dependent Care FSA, and Commuter Benefits, as well as optional Supplemental Life, AD&D, Hospital Indemnity, Disability, Legal, Accident, Critical Illness, Pet, and Personal Liability Insurance\nCollaborative, dynamic work environment filled with kind, intelligent people who are working hard on an industry-defining product\n\nEEO STATEMENT\nButterflyMX is an equal-opportunity employer, and we value diversity at our company. We strive to create an accessible and inclusive experience for all candidates and employees. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. You must have the authorization to work in the US to become an employee. Please let our recruiting team know if you need reasonable accommodation during the application or the recruiting process.","datePosted":"2026-04-12T21:14:05.940Z","dateModified":"2026-04-12T21:14:05.940Z","hiringOrganization":{"@type":"Organization","name":"Butterflymx","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote","addressRegion":"OR","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"daa3efe53d5f9c538892bcfa"},"url":"https://jobsearcher.com/jobs/daa3efe53d5f9c538892bcfa"}}