{"@context":"https://schema.org/","@type":"JobPosting","title":"Senior Engineer, Cloud Security
Role details
Job location
Tech stack
Job description
Major elements of our platform include AWS (we make significant use of S3 RDS Kinesis EC2 EMR ElastiCache ElasticSearch and EKS). Elements of the platform will start to expand into GCP (Compute Engine Cloud Storage Google Kubernetes Engine and BigQuery). Other significant tools of the platform include Linux Terraform Kubernetes Docker Packer Ansible and Jenkins. We support applications and services written in Golang Python Java Scala . We monitor and alert on everything we deploy via Grafana Prometheus Graphite and ELK stacks., * Provide point of expertise on application data and network security to our wider engineering teams - engaging with them in order to ensure consistent adoption of security policies and best practice
- Participate in the automation of software to our cloud platform and embed security into our methodology embracing DevSecOps
- Improve our monitoring and alerting systems to enhance them with specific and relevant security data points
- Participate in an on-call rotation and assist with troubleshooting issues that arise
- Defining and implementing a Security Incident Response process / policy with regular evolvement testing and adherence
Requirements
We are searching for an experienced Senior Cloud Infrastructure Security Engineer with an unquenchable thirst for automation and a passion for DevSecOps methodology. Youll be working with a team of other engineers to build out and secure our expanding cloud infrastructure in AWS. While this is a hands-on engineering position (not a CISO or a consulting role) you will need the confidence and gravitas to heavily influence engineers and managers across a wide technical function., * Three years or more experience in Cloud Infrastructure roles (predominantly AWS) working within teams that practice DevSecOps
-
Ability to interact comfortably with AWS via CLI and / or API
-
Proficient in managing Infrastructure exclusively with Terraform
-
Specific expertise in threat assessment attack surface management data security the network stack at L4 and L7 DNS VPC security IGW WAF and CloudFront
-
Experience designing and managing IAM policies roles and trust policies
-
Good knowledge of most of VPN MFA SAML OAuth2 KMS and TLS
-
Good knowledge of some IdP (Okta OneLogin Auth0) frameworks and integrations
-
Experience building and running Docker images / containers securely including container orchestration security
-
Experience of code security audit static and dynamic analysis defensive programming techniques and visualisation and measurement of security KPIs
-
Expertise in at least one scripting or programming language (Python Bash Ruby Node Golang Java)
-
Plays well with others - we build and ship as a team Advantageous Qualifications
-
AWS Certified Security Specialist
-
Hands on experience designing and implementing security controls within GCP
-
Experience defining and operating a Security Incident Response process
-
Good knowledge of monitoring and alerting using one or more of : Graphite Statsd Prometheus Grafana OpenSearch
-
Any experience of ISO27001 certification processes
-
Understanding of cloud native and 12-Factor applications
-
Offensive or defensive penetration testing experience
Benefits & conditions
You will be someone that shares our values and ambitions and can bring security best practices and specific cloud security expertise to the party. You will additionally be the kind of person that is energised by complex challenges teamwork and problem return we can offer a great tech culture highly competitive compensation packages and employment benefits.
