View all jobs
Sr Cloud Security Engineer
Remote, Canada · Computer/SoftwareAbout Us:
We are a boutique, rapidly growing, GCP (Google Cloud Platform) consulting company based out of Toronto. We work with GCP’s top customers (banking, telco, energy, retail, etc.) to help them with cloud transformation, security, analytics, ML, and data governance. Clients usually engage us to solve their most challenging business problems and help raise the bar at their organization.
Why Us?
You get the best of both worlds. We operate like an early-stage startup with all the associated benefits (e.g., talent, growth, learning opportunities, flexibility), but get to solve enterprise-level technical challenges.
• People: We hire top-tier talent. Our team consists of ex-Googlers, YCombinator Alumni, and individuals that built software for 400M users.
• GCP is the Best Cloud: Maybe we are biased, but GCP is the most cutting-edge cloud provider, building on technologies that have been pioneered by Google: BigQuery, K8s/Anthos, Vertex AI, etc.
• Growth: We have doubled in size in the last 6 months, and are looking to double again this year.
You will
• Work closely with technical leads and client teams to fully demonstrate the benefits of GCP technology
• Guide top GCP enterprise customers (banks, telco, energy, etc.) clients on cloud security best practices
• Evaluate security metrics targeted at meeting compliance requirements of various frameworks such as NIST, ISO/IEC 27001
• Deploy SIEM solutions for customers
• Setup GCP foundation, networking and security best practices using Terraform
• Define security best practices, and implement processes and tools to enforce them.
• Help secure and monitor micro-services running on K8s
• Partner with engineers to identify security gaps and integrate security into the software development lifecycle
• Define and implement cloud-based solutions in line with industry best practices and enterprise architecture guidelines
• Run vulnerability scans on clients’ infrastructure.
• Support clients in troubleshooting issues in their test and/or production environments and identifying root causes and solutions
You have
• Strong comprehension of security services working hands-on-keyboard
• Hands-on experience deploying and maintaining security tools on the cloud - AV/EDR. IDS/IPS, DLP, Logging & Monitoring
• Enterprise threat & vulnerability management experience
• Experience building and maintaining vulnerability management programs in cloud-based environments
• Familiarity with Infrastructure as Code tools such as Terraform, CloudFormation, or Config Connector
• Familiarity with encryption fundamentals: PKI, Encryption, Digital Signatures, & Key Management
• Good understanding of containerization technologies such as Kubernetes (GKE) or Docker and related security best practices (container scanning, binary authorization, etc.d)
• An understanding of security principles and other associated controls and features in GCP
• Technical writing, experience in preparing and presenting technical material to a variety of audiences
• Experience in working in, and with, Agile delivery teams
Nice to have
• GCP experience
• Google's Professional Cloud Security Engineer certification
• Common security certifications such as GSEC, CEH, CISSP, CCSP, or CCSK
• Experience in developing cyber security metrics for organizations. Assessing controls as per NIST for the organization and helping the organization to implement them.
• Knowledge of SIEM technologies - Correlation, parsing, upgrades and ongoing maintenance
• Hands-on experience performing vulnerability scans using tools like Nessus, Rapid 7, Qualsys, OpenVas, etc
• Experience with Policy-as-Code (such as OPA)
• Strong understanding of Google SRE best practices
• Experience in large-scale, secure, and high-availability solutions in Cloud environments such as Google Cloud (GCP)
• Strong security background is a big plus: vulnerability management, threat modelling, SIEM, etc.
Type of qualities we look for (across all roles)
• Passionate about delivering high-quality commercial software products and platforms to market
• Team player. We are a small team and enjoy working with each other and our clients - we would like to keep it the same way as we grow
Strong understanding of modern software engineering processes
• Client-focused and passionate about delivering strong business values.
• Able to communicate clearly and effectively with a variety of audiences, including developers, clients, customers, • partners, and executives.
• Flexible and willing to use the right technology for each problem in the context of timelines and business goals
• Ability to complete the job regardless of the circumstance
We are a boutique, rapidly growing, GCP (Google Cloud Platform) consulting company based out of Toronto. We work with GCP’s top customers (banking, telco, energy, retail, etc.) to help them with cloud transformation, security, analytics, ML, and data governance. Clients usually engage us to solve their most challenging business problems and help raise the bar at their organization.
Why Us?
You get the best of both worlds. We operate like an early-stage startup with all the associated benefits (e.g., talent, growth, learning opportunities, flexibility), but get to solve enterprise-level technical challenges.
• People: We hire top-tier talent. Our team consists of ex-Googlers, YCombinator Alumni, and individuals that built software for 400M users.
• GCP is the Best Cloud: Maybe we are biased, but GCP is the most cutting-edge cloud provider, building on technologies that have been pioneered by Google: BigQuery, K8s/Anthos, Vertex AI, etc.
• Growth: We have doubled in size in the last 6 months, and are looking to double again this year.
You will
• Work closely with technical leads and client teams to fully demonstrate the benefits of GCP technology
• Guide top GCP enterprise customers (banks, telco, energy, etc.) clients on cloud security best practices
• Evaluate security metrics targeted at meeting compliance requirements of various frameworks such as NIST, ISO/IEC 27001
• Deploy SIEM solutions for customers
• Setup GCP foundation, networking and security best practices using Terraform
• Define security best practices, and implement processes and tools to enforce them.
• Help secure and monitor micro-services running on K8s
• Partner with engineers to identify security gaps and integrate security into the software development lifecycle
• Define and implement cloud-based solutions in line with industry best practices and enterprise architecture guidelines
• Run vulnerability scans on clients’ infrastructure.
• Support clients in troubleshooting issues in their test and/or production environments and identifying root causes and solutions
You have
• Strong comprehension of security services working hands-on-keyboard
• Hands-on experience deploying and maintaining security tools on the cloud - AV/EDR. IDS/IPS, DLP, Logging & Monitoring
• Enterprise threat & vulnerability management experience
• Experience building and maintaining vulnerability management programs in cloud-based environments
• Familiarity with Infrastructure as Code tools such as Terraform, CloudFormation, or Config Connector
• Familiarity with encryption fundamentals: PKI, Encryption, Digital Signatures, & Key Management
• Good understanding of containerization technologies such as Kubernetes (GKE) or Docker and related security best practices (container scanning, binary authorization, etc.d)
• An understanding of security principles and other associated controls and features in GCP
• Technical writing, experience in preparing and presenting technical material to a variety of audiences
• Experience in working in, and with, Agile delivery teams
Nice to have
• GCP experience
• Google's Professional Cloud Security Engineer certification
• Common security certifications such as GSEC, CEH, CISSP, CCSP, or CCSK
• Experience in developing cyber security metrics for organizations. Assessing controls as per NIST for the organization and helping the organization to implement them.
• Knowledge of SIEM technologies - Correlation, parsing, upgrades and ongoing maintenance
• Hands-on experience performing vulnerability scans using tools like Nessus, Rapid 7, Qualsys, OpenVas, etc
• Experience with Policy-as-Code (such as OPA)
• Strong understanding of Google SRE best practices
• Experience in large-scale, secure, and high-availability solutions in Cloud environments such as Google Cloud (GCP)
• Strong security background is a big plus: vulnerability management, threat modelling, SIEM, etc.
Type of qualities we look for (across all roles)
• Passionate about delivering high-quality commercial software products and platforms to market
• Team player. We are a small team and enjoy working with each other and our clients - we would like to keep it the same way as we grow
Strong understanding of modern software engineering processes
• Client-focused and passionate about delivering strong business values.
• Able to communicate clearly and effectively with a variety of audiences, including developers, clients, customers, • partners, and executives.
• Flexible and willing to use the right technology for each problem in the context of timelines and business goals
• Ability to complete the job regardless of the circumstance