Senior Cloud Security Engineer

AvaFin
Wiener Neustadt, Austria
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior

Job location

Remote
Wiener Neustadt, Austria

Tech stack

Kubernetes Security
Amazon Web Services (AWS)
Cloud Computing
Cloud Computing Security
Identity and Access Management
Intrusion Detection and Prevention
Network Security
Systems Integration
Docker

Job description

  • Lead IAM strategy and improvements in AWS
  • Ensure secure, compliant, and resilient cloud infrastructure operations
  • Strengthen overall security posture through standards, risk assessments, and controls
  • Automate security processes, integrations, and daily operational tasks
  • Monitor, detect, and respond to cloud security threats and incidents, The processing is necessary for the purposes of the legitimate interests pursued by the Company (Art. 6.1 (f) GDPR), processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6.1 (c) GDPR); or to comply with legal obligations (Art. 6.1 (b) GDPR)., 1. Our purpose for processing your personal data is to assess your suitability for a role you have applied for, to carry out pre-employment verification and screening, and to help us develop and improve our recruitment processes. We will use the personal data we collect about you in your job application, or any other information generated by you or us:
  • To shortlist candidates for interview with meaningful human involvement in the decision (e.g. reviewing application forms to select candidates based on their qualifications and experience, skills tests, or other assessments).

  • To assess your skills, academic and professional qualifications, and suitability.

  • To conduct interviews (face-to-face or remotely).

  • To carry out background and reference checks, where applicable (verifications used to check the information you provide in support of your job application)., We normally post job offers in our AvaFin Group websites or job search platforms like LinkedIn, that will collect the application information and may ask you to complete a work preference questionnaire that is used to assess your suitability for the role. We can also collect your personal data through employee referral programs. In general, collecting and using your personal data enables us to manage the recruitment and selection process, including setting up an electronic job applicant HR file; managing your application and the communications; conducting assessments; organizing interviews; and conducting background checks and screening. We may also process your personal data to meet recordkeeping and other internal administrative purposes at AvaFin Group (to adequately manage the selection process and assess your application in accordance with group-wide requirements). With all the information collected during the recruitment process we will then decide whether you meet the basic requirements. If you do, we will decide whether your application is suitable to invite you for an interview. If we decide to call you for an interview, we will use the data you provide to us at the interview to decide whether to offer you the role. If we decide to offer you the role, we may then take up references and/or any other check before confirming your hiring. Moreover, with the information collected during the selection processes, we may internally analyze the effectiveness of our recruitment efforts, we can identify areas for enhancement and implement necessary adjustments to streamline future recruitment processes and optimize outcomes. This continuous improvement cycle enables us to stay agile and responsive to evolving business needs and market dynamics.

Final recruitment decisions are made by hiring managers and members of our recruitment team. We take account of all the information gathered during the application process. If we make a conditional offer of employment, we will carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We must confirm the identity of our staff and their right to work in the country, and seek assurance as to their trustworthiness, integrity and reliability. You may therefore provide any of the following information: proof of your identity, proof of your qualifications, a criminal record if required by applicable laws, or we can contact your referees using the details you provide in your application directly to obtain references with your consent. If we make a final offer, we will also ask you for the following: bank details - to process salary payments, emergency contact details - so we know who to contact in case you have an emergency at work, or your social security number - as required by the labor regulations.

Requirements

  • At least 5 years of experience working in a Cloud Security position with focus in AWS
  • Extensive hands-on experience with AWS security services (IAM, GuardDuty, Security Hub, Inspector, CloudTrail...)
  • Strong background in IAM and least-privilege design
  • Hands-on experience implementing Infrastructure as Code
  • Strong understanding of network security concepts
  • Experience with container and Kubernetes security (EKS, ECS, Docker hardening...)
  • Proven track record in incident response, threat detection, and forensic investigations in AWS environments
  • Fluency in English (communication with an international team)

Benefits & conditions

  • Remote work - up to 100% remote, or hybrid, if possible, up to you
  • Flexible working hours - only need to cover core working hours with the team
  • 34 hours working week - have more time for you and your hobbies at a competitive full time salary
  • License courses, workshops and learning opportunities within a badge system

About the company

The main focus of the team is to ensure Avafin's products and teams have the least downtime possible. To accomplish this, the team is responsible for building and maintaining the IT infrastructure and workflows both on-prem and in the cloud for all teams, reliably deploy and operate our production services and products, manage services used at Avafin and ensure the organisation complies with applicable security standards and regulations. As technologies we use DefectDojo, OpenVAS , Terraform, AWS, Kubernetes, Helm, ArgoCD, Github/Gitub Actions, Microsoft365, Entra, Go, Python and more. Our IT Department, which is based in Wiener Neustadt, is part of an international Fintech company which provides short and long-term consumer loans in 5 countries within and outside of Europe. With our own platform and websites, we provide an entirely digital lending process so we can guarantee a cashflow to the consumer within only a couple of minutes., We're an international fintech group established in 2012, boasting 400 employees worldwide. We utilize innovative financial technology to provide convenient loan products across five markets: Poland, Spain, Mexico, Czechia, and Latvia. At AvaFin, we prioritize convenience, transparency, and personalized customer experiences, aiming to empower users with easy and swift access to funds at competitive rates. In 2024, AvaFin became a subsidiary of Capitec Bank, South Africa's largest retail bank with over 22 million active clients. This acquisition is part of Capitec's internationalization strategy, aiming to expand its presence beyond the domestic market. Capitec's commitment to personalized service and innovative technology aligns seamlessly with AvaFin's mission, promising enhanced accessibility and reduced costs for customers worldwide.

Apply for this position