Senior SecOps Engineer

Summary

Join Tala, a leading fintech company, as a Sr Secops Engineer. You will play a crucial role in designing, implementing, and maintaining robust security solutions across our AWS and GCP cloud environments. Leveraging a DevSecOps approach, you will focus on security configuration hardening, vulnerability management, threat detection, and incident response. This role requires extensive experience in cloud-native security and collaboration with various teams. You will contribute to a secure and scalable platform serving millions of customers globally. Tala offers a remote-first work environment and a diverse, inclusive team.

Requirements

• 5-7 years of previous experience deploying and administering security infrastructure in GCP or AWS public cloud environments, using Infrastructure as Code
• In-depth hands-on experience with at least one public Cloud platform (AWS or GCP) with advanced knowledge of securing IaaS platforms and services like WAFs, Security Groups, EC2/Compute, EKS/GKE, ECR/GCR, S3/Cloud Storage, RDS/Cloud SQL, Logging and Monitoring
• Security experience in a cloud-native environment in one or more areas: authentication, access management, API security, Linux security, vulnerability scanning, threat and intrusion detection, firewalls, WAF, encryption technologies, container security, etc
• Prior experience working closely with Product, DevOps and CloudOps' Site Reliability Engineers on shift-left strategies, CI/CD tools and solutions

Responsibilities

• Drive the design and implementation of defense-in-depth infrastructure and application security solutions for our customer-facing SaaS platform in AWS & GCP public cloud environments
• Drive architecture, implementation, configuration, and automation of native and third-party cloud security solutions for hardening, detection, prevention, logging, and response solutions for security vulnerabilities and threats
• Assist in incident response and triaging activities as needed for security incidents and events
• Work closely with Product, Engineering, and IT in a DevSecOps model on technologies like FWs, ACLs, WAFs, IAM roles and permissions, Vulnerability management and hardening, Threat and Intrusion detection, Kubernetes Container Security solutions
• Provide thought leadership with a security bent of mind to the organization

Preferred Qualifications

Experience using a programming language such as Python for automation

Benefits

Remote-first approach