Cloud Application Security Engineer

Summary

Join Ubiminds, a GPTW-certified company, as a Cloud Application Security Engineer and ensure the security of cloud environments and software developed by engineering teams. You will collaborate with engineers, establish security processes, and contribute to the organization's security standards. This hands-on role involves assisting engineers in creating secure pipelines, identifying vulnerabilities, supporting security reviews, and working on security projects. Ubiminds offers a remote-first policy, a MacBook, growth opportunities, English lessons, referral bonuses, and access to their Florianópolis headquarters.

Requirements

• Advanced/fluent English skills – Excellent written and verbal communication skills
• Strong Development/DevOps/Engineering background with experience in Python
• Experience with cloud technologies, AWS and Azure preferred
• Experience with CI/CD pipelines (they use GitLab but others are welcome)
• Experience with Infra as a Code (Terraform and/or others)
• Understanding the underlying infrastructure that applications rely on such as cloud (compute, storage), DNS, networking, etc
• Ability to fix code, working directly with engineers, and ability to code/script solutions and push toward automation
• Understanding of secure software development practices including threat modeling, secure design principles, secure coding, code analysis, security testing, and Application Security automation, etc

Responsibilities

• Assist their engineers in creating secure pipelines and ensure that their applications and cloud environments are secure
• Create, support, and tune the tools that the engineering teams will use to keep their applications and cloud environments secure
• Assist in identifying possible vulnerabilities, pointing out areas requiring improvements, and supporting team leads to rectify issues
• Give support to their engineering teams on cloud/application security reviews, threat modeling and ultimately resolving security issues
• Work on security projects to ensure timely completion of efforts
• Drive security into their systems development life cycle to ensure that security is built in and considered
• Contribute to security policies, standards, procedures, and guidelines

Preferred Qualifications

• Certifications such as GCLD, GCPN, GPCS, GCSA, GWEB, CCSP, or other related security certifications such as CISSP or CISM. Candidates with OSCP would be strongly considered
• Proven ability to communicate technical issues to technical and non-technical audiences
• Great at stakeholder management and influencing skills
• Can work with people across multiple disciplines to create a clear vision and strategy
• Autonomy and ability to self-drive
• Have excellent written and verbal communication skills

Benefits

• Are placed in a product-based company, with the same treatment as their full-time employees
• Have our full back-office support, from career guidance to HR and concierge services
• Enjoy our remote-first policy – we are a distributed team, after all
• Get your own MacBook (none of that "bring your own device" stuff here)
• Have access to growth opportunities with other amazing technology professionals, through tech talks, chapter meetings, and even remote happy hours for tons of fun!
• Improve your English through free lessons with a native English speaker - get to the next level on your communication skills!
• Candidate Referral bonus (promote Ubi to your tech friends, and get paid for it!)
• Miss working in the office? Our cool Florianópolis headquarters is available, whenever you want, with weekly quick massages & tasty snacks, soft drinks, and games