Senior Software Engineer, Cloud Security

Summary

Join TRM Labs, a blockchain intelligence company fighting crime and building a safer world, as a Senior Cloud Security Engineer. Contribute to maturing TRM’s cloud infrastructure and security systems by providing technical guidance, leveraging automation tools, and identifying vulnerabilities. Guide stakeholders, serve as a Cloud Security SME, drive security improvements in GCP, and participate in cloud environment audits. This role requires relevant experience in managing cloud security programs, IAM, and cloud-native security solutions, expert-level knowledge of cloud infrastructure components (preferably GCP), and strong problem-solving skills. The company offers a fast-paced, collaborative environment with a focus on flexibility and transparency. TRM Labs is a remote-first company with a global team, prioritizing a strong remote culture and offering generous benefits.

Requirements

• Relevant industry experience in managing cloud security programs, Identity Access Management (IAM), and cloud-native security solutions (e.g., firewalls)
• Expert-level knowledge of cloud infrastructure components, preferably with GCP
• Strong bias for action; ability to juggle multiple priorities and create a sense of urgency in a fast-paced, dynamic environment
• Ability to audit and provide audit support for security controls within the cloud environment
• Experience with infrastructure vulnerability testing tools, Cloud Application Platforms (Heroku), and Infrastructure as code tools (Terraform)

Responsibilities

• Provide technical guidance and leadership as a cybersecurity expert on topics such as architecture, configuration management, and environment design
• Leverage automation tools, configuration management, and infrastructure-as-code (IaC) solutions to standardize security across all environments
• Guide relevant stakeholders such as engineering, product, and leadership and ensure alignment with security strategies
• Identify and communicate cloud platform vulnerabilities and mitigation options to stakeholders that balance business agility with security
• Serves as a Cloud Security Subject Matter Expert (SME) by maintaining knowledge of industry-recognized cloud security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions
• Drive security improvements in the GCP environment and perform Identity and Access Management (IAM) in GCP to ensure that principles of least privilege and roles-based access control are maintained
• Participate in audits of the cloud environment by working with external auditors and internal resources to ensure we are meeting expectations

Preferred Qualifications

• Experience with infrastructure vulnerability testing tools
• Cloud Application Platforms (Heroku)
• Infrastructure as code tools (Terraform)

Benefits

• PTO
• Holidays
• Parental Leave
• Remote work