Cloud Security Engineer

What you get to do every day

• Perform security assessments of KUBRA systems, applications, and infrastructure providing written reports and recommendations for management review.
• Perform and review vulnerability assessments (including DAST and SAST).
• Build and maintain security tools with an emphasis on automation.
• Liaise with internal and external stakeholders to ensure security and compliance of all KUBRA owned computing systems and applications.
• Provide architectural security guidance to DevOps team building cloud infrastructure in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments
• Build threat models and security reporting tools.
• Work with KUBRA Risk team to support risk assessments by providing mitigations to identified risks
• Work with KUBRA Risk team to build appropriate threat models for KUBRA Cloud Platform
• Work with KUBRA Security team, DevOps and Platform Engineering teams to maintain vulnerability and patch management processes inline with KUBRA security policy
• Implement security related services and processes using IaC
• Liaise with internal and external stakeholders to ensure security and compliance of all KUBRA owned Cloud systems and applications.
• Provide architectural security guidance to product engineering teams building software applications in compliance with industry standards (PCI-DSS, NIST, CIS) in public cloud environments.
• Support security assessments of KUBRA systems, applications, and infrastructure providing written reports and recommendations for management review.

What kind of person should you be?

• Maintain awareness of trends and changes in the Cybersecurity industry and threat landscape.
• Excellent written and verbal communications skills and an ability to maintain a high degree of professionalism in all client communications.
• Ability to influence others, build relationships, manage conflicts, and handle
• Understanding and following the business strategy, objectives, and adjusting to performance metrics.
• Excellent organization, time management, problem-solving, and analytical skills.
• Ability to handle pressure and focus on results

What skills do you need?

• Experience in public cloud is required: AWS (Required), Azure/GCP (Optional)
• 2+ years of experience in Cyber Security roles with a preference in engineering.
• Experience work with software development or devops teams is preferred.
• Experience in systems or network administration is preferred.
• Experience working with industry standard regulations and compliance frameworks (PCI-DSS, ISO, NIST, SANS, SOX, SOC II, HIPAA)
• Proficiency in a wide range of public cloud technologies (ex. AWS EC2, EKS, EBS, RDS, S3, etc).
• Proficiency in Infrastructure as Code (IaC) technologies such as Cloudformation or Terraform.
• Scripting and automation skills highly preferred (APIs, Python, Bash, Powershell, Go)

What you can expect from us

• Award-winning culture that fosters growth, diversity and inclusion for all
• Paid day off for your birthday
• Free LinkedIn Learning subscription
• Bi-annual performance-based bonuses
• Continued education with our education reimbursement program
• Flexible schedules
• Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
• Two paid days for volunteer opportunities
• Free on-site Fitness center
• Access to a ‘Tickets at Work’ membership
• A free premium membership for ‘Headspace’; an app geared towards mental health and wellbeing
• 401k Matching