Cloud Engineer • Senior

Who you are

You are a highly skilled Senior Cloud Security Engineer with extensive experience in designing and implementing security measures across multi-cloud environments. Your primary expertise lies in Google Cloud Platform (GCP) or Microsoft Azure, and you also have a strong background in Amazon Web Services (AWS). You understand the importance of a robust security posture and are adept at automating security controls to enhance operational efficiency.

You possess a solid foundation in programming and scripting, particularly with languages such as Python and Bash, which you utilize to automate repetitive security tasks and incident response playbooks. Your experience with Infrastructure as Code (IaC) tools like Terraform allows you to integrate security scanning into CI/CD pipelines effectively, ensuring vulnerabilities are caught before they reach production.

Your familiarity with compliance frameworks such as PCI DSS, SOC2, ISO 27001, or NIST equips you to navigate complex regulatory environments and implement necessary security measures. You have excellent communication skills, enabling you to translate complex security risks into business context for non-technical stakeholders, fostering a culture of security awareness across teams.

Desirable

You hold certifications such as Azure Security Engineer Associate (AZ-500) or AWS Certified Security – Specialty, which further validate your expertise in cloud security. Experience with container security, particularly in Kubernetes environments, is a significant plus, as it complements your cloud security skills and enhances your ability to secure modern applications.

What you'll do

In this role, you will lead and participate in security reviews for new product features and infrastructure changes, providing actionable recommendations to engineering teams to ensure adherence to 'secure by design' principles. You will own the end-to-end Cloud Security Posture Management (CSPM) process, which includes configuring tools, monitoring for misconfigurations, prioritizing risks, and collaborating with stakeholders to remediate security gaps across GCP, Azure, and AWS.

You will be instrumental in automating security controls and incident response playbooks, utilizing your programming skills to streamline processes and enhance security operations. Your responsibilities will also include integrating security scanning into CI/CD pipelines, ensuring that vulnerabilities are identified and addressed before they impact production environments.

You will work closely with cross-functional teams, translating complex security concepts into understandable terms for non-technical stakeholders, thereby promoting a culture of security awareness and compliance within the organization. Your role will be pivotal in maintaining a robust security posture across our multi-cloud infrastructure, ensuring that security is a fundamental aspect of our engineering practices.

What we offer

At TripActions, we offer a dynamic work environment where your contributions directly impact our security landscape. You will have the opportunity to work with cutting-edge technologies and collaborate with talented professionals in the field. We value continuous learning and provide resources for professional development, including access to training and certification programs.

Join us in our mission to enhance security across our cloud environments and make a meaningful impact on our organization's security posture. We encourage you to apply even if your experience doesn't match every requirement, as we believe in the potential of diverse backgrounds and perspectives.