Cloud Security Engineer
We are a Crypto FinTech startup with a mission to bring safe Crypto Banking to anyone and everyone. We believe deeply that safe banking is a basic human right. It underpins strong communities, which enables strong economies which leads to a better world.
We are a small but rapidly growing team staffed by passionate people. We have a rich variety of experience covering technology, crypto, banking, payments, security and regulation. It makes us different and positions us to take on the challenges facing global banking and payments today.
We are building the next generation of banking services to bridge the gap between traditional banking and decentralised finance that will support the farmer in Canada to the field worker in Cambodia - driving the ‘banking of the unbanked’.
As a member of our team you will:
● Define and implement a robust security posture across all aspects of the platform.
● Have significant freedom and laterality to make decisions and get things done
● Work with cutting edge infrastructure tools and have the freedom to adopt new tolling's to support your security plan.
● Meaningfully improve developer happiness and productivity across the company with better development tools and workflows
● Maintain and improve security across our infrastructure including firewall rules,
access control, audit logging, disaster recovery and active vulnerability scanning.
● Work with vulnerability scanning platforms/frameworks
● Amazon Web Services
● Kubernetes (Elastic Kubernetes Service)
● Infrastructure as Code in Terraform and Helm
● Cockroach DB for storage
● Github for version control and CI/CD
● Python, Bash, and Docker for local development workflows and CI/CD jobs
● Tens of containerized microservices running our application code, written in Java + SpringBoot
● 3+ years of IT Security and/or security engineering experience with a clear passion for cloud Security and Cloud technologies.
● Expert knowledge of Cloud infrastructure, security architectures, and standards
● Knowledge of specific service offerings from various cloud service providers and associated security considerations
● Knowledge of Information security risk, and industry best practices with minimum of 2 years relevant experience.
● Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels
● Able to automate/script daily tasks through Python, Bash or equivalent
● Proficient in Linux system design, automation and operations
● Experience using and maintaining web/cloud scanning tools such as Tenable, Invicti
● Experience with PKI, TLS and automation of cryptographic implementations at scale
● Experience in designing and implementing standards, specifications and procedures.
● Demonstrated ability to take initiative and accountability for achieving results.
● Strong understanding of web fundamentals and related protocols (e.g., TCP/IP, UDP,
IPSEC, HTTP, HTTPS, routing protocols, CDN, caching etc)
● Very detailed knowledge of system security vulnerabilities and remediation techniques
● Security certification desired (e.g., CISSP, GIAC, CEH, etc)