Manager, Cybersecurity & IT Risk ensuring audits and risk management practices at CNB. Collaborating with teams to address cybersecurity and IT controls issues effectively.
About the role
- Principal Cloud Security Engineer securing cloud-native infrastructure for Xapo Bank. Responsible for implementing security measures across AWS, GCP, and other environments.
Responsibilities
- Architect, implement, and maintain cloud security controls across AWS and GCP to protect our infrastructure, applications, and data.
- Take full ownership of security projects, driving them from initial concept through development, testing, and deployment.
- Review, write and deploy infrastructure-as-code (IaC) security solutions using Terraform.
- Continuously assess cloud environments using Cloud Security Posture Management (CSPM) platforms like Wiz.
- Support monitoring, detection, and response for cloud threats by integrating with tools such as AWS GuardDuty, Security Hub, and GCP Security Command Center.
- Participate actively in incident response and forensic analysis for cloud-related security events.
- Collaborate with cross-functional teams to perform threat modeling and secure architecture reviews for new services and infrastructure changes.
- Help reinforce a security-first culture by sharing best practices and participating in awareness initiatives.
Requirements
- 5+ years of experience in cloud security engineering, DevSecOps, or related infrastructure security roles. with demonstrable expertise in securing cloud environments (especially AWS and/or GCP).
- Strong hands-on experience with securing AWS and/or GCP environments (IAM, VPCs, workload protection, encryption, etc.).
- Proficiency in Terraform, with a focus on building and enforcing secure cloud infrastructure.
- Solid experience with cloud-native security tools and CSPM solutions like Wiz, Prisma Cloud, or Orca Security.
- Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO) and their practical application in cloud environments.
- Familiarity with container security concepts.
- Solid grasp of DevSecOps principles, with proven experience integrating security into CI/CD pipelines and operational processes.
- Excellent problem-solving abilities, with a proactive mindset and the capability to adapt to new challenges in dynamic environments.
- Relevant certifications are a plus, such as: AWS Certified Solutions Architect, AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, Other recognized cloud security certifications.
Benefits
- Shape the Future: Improve lives through cutting-edge technology, work 100% remotely from anywhere in the world.
- Great work-life balance: Build amazing things with a balance of autonomy and collaborative teamwork. Set your own work schedule and make use of a flexible PTO plan when you need to recharge.
- Expect Excellence: Collaborate, learn, and grow with a high-performance team. Learn how you learn best - from books to conferences, you’ll get a yearly budget for your individual learning and development goals.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Security Principal at Optiv designing AI security solutions for clients, leveraging advanced security services and technologies. Driving pipeline generation and maintaining strong client relationships as a trusted advisor.
Technical Leader overseeing security for Product and Cloud at Tempo. Leading team, engaging with partners, ensuring compliance, fostering innovations in security practices.
Senior Cybersecurity Advisor providing support to threat and vulnerability analysts at Exposant 3 in a hybrid work model. Collaborating on incident responses and vulnerability management in a dynamic team.
Financial Security Advisor at RBC Insurance connecting clients with comprehensive insurance solutions. Building client relationships and leveraging RBC’s brand to grow the market.
Senior IAM Systems Support Analyst responsible for deploying and improving IAM services at RBC. Supporting MFA systems and ensuring platform reliability while collaborating with various teams.
Senior Manager overseeing IAM initiatives and strategic roadmap execution at RBC. Partnering with stakeholders to enhance organizational capabilities in Identity and Access Management.
Senior Internal Controller in information security defining security strategies and conducting risk analysis. Participating in audits and controls for a multidisciplinary firm in Canada.
Senior Security Consultant specializing in penetration testing at TEHORA. Defining security strategies and conducting risk analyses and audits.
Product Manager responsible for managing Microsoft Security Services portfolio at Softchoice. Engaging with customers, Microsoft and stakeholders to drive market success and growth.