About the Role
The role involves integrating security practices into cloud operations and development workflows, ensuring resilient systems through automated tooling, incident response, and continuous improvement of platform reliability and protection.
Responsibilities
- Integrate security controls into CI/CD pipelines to enforce compliance and reduce vulnerabilities
- Monitor cloud environments for suspicious activity and respond to security incidents
- Develop automation scripts to detect and remediate infrastructure misconfigurations
- Collaborate with development teams to embed security best practices early in the development lifecycle
- Maintain and improve cloud security posture across multiple environments
- Implement and manage identity and access controls for cloud resources
- Conduct regular security assessments and penetration testing exercises
- Support incident response efforts with clear documentation and post-mortem analysis
- Optimize logging and monitoring systems for faster threat detection
- Enforce encryption standards for data at rest and in transit
- Manage firewall rules and network segmentation to limit attack surface
- Deploy and maintain security tools such as SAST, DAST, and container scanning solutions
- Ensure compliance with industry standards and regulatory requirements
- Automate routine security tasks to improve operational efficiency
- Participate in architecture reviews for new cloud deployments
- Troubleshoot security-related issues in production systems
- Stay current with emerging threats and evolving cloud security technologies
- Contribute to internal knowledge sharing on security practices
- Work closely with platform engineers to harden system configurations
- Support audit processes with accurate and timely reporting
- Promote a culture of security awareness across engineering teams
- Evaluate third-party security tools and recommend integrations
- Assist in defining security policies and enforcement mechanisms
- Maintain up-to-date threat models for critical services
- Drive improvements in mean time to detect and respond to incidents
Nice to Have
- Certifications such as CISSP, CISM, or cloud-specific security credentials
- Hands-on experience with Kubernetes security tools like Kyverno or OPA
- Knowledge of service mesh security features
- Experience with runtime security and threat detection tools
- Background in building internal developer platforms
- Familiarity with open-source security projects
- Contributions to public repositories or security communities
- Experience working in fully remote teams
- Exposure to large-scale distributed systems
- Understanding of supply chain security risks
Compensation
Competitive salary and benefits package
Work Arrangement
Remote
Team
Part of a distributed engineering team building secure, scalable cloud solutions
Why This Role Matters
Security is embedded into every layer of the development and deployment process, and this role ensures that cloud infrastructure remains protected without slowing innovation.
Technology Stack
The team uses Kubernetes, Terraform, Prometheus, Grafana, OpenTelemetry, and a suite of open-source security tools to build and secure cloud-native applications.
Available for qualified candidates
