Principal Cloud Security Engineer securing cloud-native infrastructure for Xapo Bank. Responsible for implementing security measures across AWS, GCP, and other environments.
Responsibilities
Architect, implement, and maintain cloud security controls across AWS and GCP to protect our infrastructure, applications, and data.
Take full ownership of security projects, driving them from initial concept through development, testing, and deployment.
Review, write and deploy infrastructure-as-code (IaC) security solutions using Terraform.
Continuously assess cloud environments using Cloud Security Posture Management (CSPM) platforms like Wiz.
Support monitoring, detection, and response for cloud threats by integrating with tools such as AWS GuardDuty, Security Hub, and GCP Security Command Center.
Participate actively in incident response and forensic analysis for cloud-related security events.
Collaborate with cross-functional teams to perform threat modeling and secure architecture reviews for new services and infrastructure changes.
Help reinforce a security-first culture by sharing best practices and participating in awareness initiatives.
Requirements
5+ years of experience in cloud security engineering, DevSecOps, or related infrastructure security roles. with demonstrable expertise in securing cloud environments (especially AWS and/or GCP).
Proficiency in Terraform, with a focus on building and enforcing secure cloud infrastructure.
Solid experience with cloud-native security tools and CSPM solutions like Wiz, Prisma Cloud, or Orca Security.
Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO) and their practical application in cloud environments.
Familiarity with container security concepts.
Solid grasp of DevSecOps principles, with proven experience integrating security into CI/CD pipelines and operational processes.
Excellent problem-solving abilities, with a proactive mindset and the capability to adapt to new challenges in dynamic environments.
Relevant certifications are a plus, such as: AWS Certified Solutions Architect, AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, Other recognized cloud security certifications.
Benefits
Shape the Future: Improve lives through cutting-edge technology, work 100% remotely from anywhere in the world.
Great work-life balance: Build amazing things with a balance of autonomy and collaborative teamwork. Set your own work schedule and make use of a flexible PTO plan when you need to recharge.
Expect Excellence: Collaborate, learn, and grow with a high-performance team. Learn how you learn best - from books to conferences, you’ll get a yearly budget for your individual learning and development goals.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.