Cloud Security Engineer

Summary

Join Jumio as a Cloud Security Engineer and play a key role in building secure systems and cloud infrastructure, ensuring our business and customers have confidence in our secure cloud infrastructure. Collaborate with infrastructure and DevOps teams to identify and address security gaps, building security tooling and automation. Improve processes for managing secure infrastructure as code, containers, and deploy security services and tools. Conduct periodic security assessments and configuration reviews, identifying and mitigating critical security risks. This role is vital to our global CISO function and requires strong collaboration and communication skills.

Requirements

• 4+ years of experience on a security team
• Strong familiarity with Linux operating systems and cloud ecosystems like Amazon AWS, GCP
• Experience in implementing secure infrastructure as code
• Experience in container-based architecture and deployments (Docker, Kubernetes)
• Understanding of basic AWS Cloud Services (EC2, DynamoDB, API Gateway, RDS, Lambda, CloudFront, CloudFormation, CloudWatch, Route 53, etc.), micro services programming (AWS Lambda, Docker, etc.)
• Strong understanding of networking concepts including TCP/IP, HTTP and TLS, DDoS detection/prevention, and network and host anomaly detection
• Experience with CI/CD automation tools (AWS DevOps, Github Actions, Jenkins)
• Experience with configuration management tools (Terraform, Ansible)
• Ability to communicate well, present security threats and risks to a engineering teams
• Self-motivated; ability to work independently on new initiatives

Responsibilities

• Collaborate with the infrastructure team to identify and fill the gaps in our cloud infrastructure
• Build, promote and scale DevSecOps across the company and enable integration of tools and practices as the teams transform to DevSecOps
• Work with the DevOps team to identify security gaps in our processes, design and implement the solutions to these gaps
• Build security tooling and automation
• Work with infrastructure team to improve processes for managing secure infrastructure as code, containers
• Deploy security services and tools through infrastructure as code, and actively promoting the culture of security as code
• Periodic security assessments and configuration review of cloud environment
• Identify critical security risks and drive mitigation with engineering teams

Preferred Qualifications

• AWS Cloud Practitioner, AWS Security Speciality or any AWS Associate level certification
• Certified Kubernetes Application Developer, Certified Kubernetes Administrator, Certified Kubernetes Security Specialist
• Knowledge and experience in application security
• Bachelor's degree or Master's degree in Computer Science, Mathematics, Physics, or equivalent