Canoo Technologies Inc.

Principal Engineer, Cloud Security

Information Technology
Full Time
Location : Location

About Canoo

Canoo maintains compliance with the OFCCP. As such, please feel free to review the following information:


If you are a person with a disability needing assistance with the application process, please call (310) 702-7907 or email us at


Canoo’s mission is to bring EVs to Everyone and build a world-class team to deploy this sustainable mobility revolution. We have developed breakthrough electric vehicles that are reinventing the automotive landscape with pioneering technologies, award-winning designs, and a unique business model that spans all owners in the full lifecycle of the vehicle. Canoo is starting production in 2022 and is distinguished by its pioneering and experienced team of technologists, engineers, and designers. With offices around the country, the company is scaling quickly and seeking candidates who love to challenge themselves, are motivated by purpose, and possess a strong desire to get things done.


The “Canoo Way”


Canoo’s success is the direct result of our disciplined application of our core operating principles and drills, which are based on three main principles: Think 80/20 (“Important versus less important”), Act 30/30 (“Reduce waste and increase output”), and Live 90/10 (“We have each other’s back”). We hire based on “MET” - Mindset, Equipment and willingness to Train - and seek individuals that take accountability and deliver results while being Humble, Hungry to succeed, and Hunting for opportunities to win. We train our team to engage with each other by modulating between their intellect (iQ) and emotional intelligence (eQ), applying Facts, Finesse, and Force when they communicate. The principles and drills of the CANOO Way have been fundamental to our success, our ability to grow, continuously improve, innovate and are at the core of our day-to-day operations.


The Principal Engineer, Cloud Security will be an integral member of the Information Technology (IT) team focused on Canoo’s overall Cloud Security posture, DevSecOps, Enterprise Identity and Access Management (IAM), detailed technical standards and playbooks, and implementing tools to improve the security of cloud workloads.

The Principal Engineer, Cloud Security will architect and manage the secure operation of the Canoo’s cloud based technical infrastructure. This role includes responsibility for technical security implementation, administration of security systems, creating and maintaining accurate technical documentation and playing a pivotal role in developing a penetration testing program and organizing red team activities. If you have passion for cutting edge cloud services, deep interest in cybersecurity architecture and information security technologies, can convert complex requirements into efficient designs, and enjoy working in a fast-paced environment with talented engineers then Canoo is for you. 


  • Actively develop and improve existing solutions for securing and monitoring all cloud environments, including AWS, Azure, and 0365 workloads
  • Play a pivotal role in implementing and managing a Secure Software Development Lifecyle program and subsequent pluggable/reusable patterns for Software Engineering DevOps teams’ integration into CI/CD pipelines
  • Work collaboratively with DevOps teams to define standards for Secure Development pipelines
  • Work collaboratively with infrastructure and SRE teams to define and formalize detailed cloud security technical standards and guidelines
  • Develop and deploy compliance checking capabilities to continuously identify DevOps and Infrastructure/SRE teams not leveraging Cyber Security components and patterns, or complying with Cyber Security technical standards and guidelines
  • Collect and report on Cyber Security operational metrics for Software Engineering DevOps teams
  • Research Cyber Security trends and emerging technologies, identify our business and technical requirements, perform technical evaluation and support deployment of Cyber Security solutions
  • Develop and implement Cyber Security solutions u­sing IaC, automation scripts and supporting tools that streamline routine security processes, maintain Cyber Security repos, documentation, and Cloud Cyber Security accounts
  • Assist with architecting and implementing a cloud based SIEM solution with meaningful Dashboards and Analytics tooling
  • Collaborate with IAM architects to implement and manage an IAM identity architecture stack and respective processes that govern access to all Canoo systems
  • Play a pivotal role in developing a Penetration Testing program for the organization
  • Contribute to the planning, design, and implementation of Red Team engagements



  • Critical thinking skills and curiosity
  • BS degree in Computer Science / Engineering or a related field, or equivalent experience
  • Ability to work on multiple projects at a time in a fast-paced environment
  • Infrastructure as code (hands-on Terraform) and intermediate proficiency with one or more languages: Python, Go, Bash, C, C++, C#
  • Hands-on experience with distributed version control systems (e.g., Git/Stash)
  • 3-5+ years of hands-on experience building, maintaining, and securing AWS environments (e.g., VPC's, EC2, EKS, serverless, IAM/Network policies, AWS Access Management, SCPs, etc.)
  • Cloud penetration testing and offensive security
  • AWS incident triage/containment
  • AWS IAM (provisioning, de-provisioning, reconciliation, continuous compliance, AWS Landing Page, Role Adoption, IAM Policy compliance, re-certification, etc.)
  • Enterprise IAM (e.g., provisioning, de-provisioning, reconciliation, continuous compliance, re-certification, etc.)
  • IAM tools (e.g., Okta, Saviynt, SailPoint, ForgeRock, etc.)
  • Hands-on experience with Docker, K8s, Modern CI/CD tooling, ELK and deploying applications to AWS
  • Experience with securing the Software Development Life Cycle, from requirements to design, implementation, testing, and release
  • Knowledge of Linux and Linux OS internals


  • An adversarial mindset with hands-on experience as a Red Team member
  • Hands-on experience with cloud security forensics and analysis of security threats and events, and be able to perform penetration testing in the cloud
  • Experience with tools such as Metasploit, Nmap, Nessus, Burp Suite, Wireshark, TCPdump, etc.
  • Knowledge of open security testing standards and projects, including OWASP, or MITRE ATT&CK Framework
  • Participation in the security community via contribution to open-source projects, tool development, blog writing, or responsibly disclosed vulnerabilities
  • Microservice design patterns, Zero Trust security concepts, and Kubernetes security
  • Attribute Base Access Controls (ABAC) strategy and implementation
  • Data Protection and Security strategy and implementation 

Physical Requirements for Non-Physical Positions

While performing the duties of this job, employees may be required to sit for prolonged periods of time, occasionally bending or stooping, lifting up to 10 pounds, and prolonged periods of computer use.


Reasonable Accommodations

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the position.

What's Cool About Working Here...

  • Meaningful, challenging work that will redefine the automotive landscape and make EVs available to everyone
  • Comprehensive Health Insurance
  • Equity Compensation
  • Flexible Paid Time Off
  • Casual workplace with an unbelievable feeling of energy

Canoo is an equal opportunity-affirmative action employer and considers all qualified applicants for employment based on business needs, job requirements and individual qualifications, without regard to race, color, religion, sex, age, disability, sexual orientation, gender identity or expression, marital status, past or present military service or any other status protected by the laws or regulations in the locations where we operate. We also consider qualified applicants with criminal histories consistent with applicable federal, state and local law.


Any unsolicited resumes or candidate profiles submitted in response to our job posting shall be considered the property of Canoo Inc. and its subsidiaries and are not subject to payment of referral or placement fees if any such candidate is later hired by Canoo unless you have a signed written agreement in place with us which covers the applicable job posting. 


Canoo cares deeply about the safety of all candidates who may be asked to participate in an in-person interview. While the company remains operational, some of our positions are remote, while others require working on-site. Canoo is following the Covid-19 protocols set forth by local state and federal governance and the CDC guidelines. Candidates who are vaccinated will be asked to provide a copy of proof of vaccination upon arrival for the interview. Candidates who are not vaccinated will be asked to provide proof of a negative Covid-19 test that is no less than 48 hours old. We ask that you practice hand hygiene, social distance, and wear face coverings to reduce the risks of exposure to Covid-19. We appreciate your cooperation with our safety protocols while you explore your future with Canoo!


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed