Senior Cloud Security Engineer
Senior Cloud Security Engineer
As a Senior Cloud Security Engineer you’ll get a chance to contribute to building an enterprise-grade SaaS platform (Backbase as a Service) from scratch and maintaining it. As part of the BaaS team, you'll be expected to lay down the foundation of a highly secure, robust platform and related processes to ensure our software runs smoothly in production as well as making sure it complies with industry standards.
What you'll do
The Backbase as a Service tribe is continuously busy with improving their product with the motto "You build it, you run it". Striving to have the highest possible uptime, great performance and best in class levels of security. That's quite an ambition and you can't get there without an automation first approach.
We pride ourselves on the fact that we don't do manual changes in production and that we automatically validate our environment before deploying.
As a Senior Cloud Security Engineer you will have a deep understanding of Cloud Security Infrastructure, cloud native technologies and desired state configuration, configuring security policies and securing data.
You will support threat modeling sessions within the team, and have the ability to perform vulnerability testing, risk analysis and security assessments and support incident handling. Supporting internal and external pen tests. You will have a deep understanding of architecting for visibility, detection, mitigation and observability capabilities. Support security initiatives and work with different teams at various levels within our company to implement them. Participating in the Security Committees and guilds.
Your growth path within Backbase will allow you to grow from the function of Senior Cloud Security Engineer to a function as Principal Cloud Security Engineer in which you will be responsible for driving cross team initiatives and you will take on more responsibilities in the overall security roadmap of the product.
Who you are
● You have a deep understanding of cloud security infrastructure, cloud-native technologies, and desired state configuration;
● You have experience with the following topics: Zero-Trust architecture; Defensible security architecture; Latest cloud security tools and practices; Security processes; Incident management; Vulnerability management; Threat modeling; Logging and monitoring (SIEM); Controls & requirements from Standards like ISO 27001, SOC 2. Nice to have: Knowledge of relevant regulations such as GDPR and PCI-DSS;
● You don't want to just report the problems but you want to fix them;
● You have strong communication skills;
● You are experienced with cloud environments and using desired state configuration to manage this (Terraform is preferred);
● You have experience with Kubernetes;
● 3 years in a similar role running workloads on public cloud;
● Azure cloud certs are nice to have (Azure Administrator/Azure Solution Architect).
Loud and busy sometimes but always friendly, helpful, and super fun. We love to celebrate each other’s achievements, share jokes, and our love for food, movies, traveling, and sports. We’re one big and diverse family working towards the same goal.
Free, healthy lunches every day. Plus snacks and drinks.
Friday parties every month. Office boat you can use with your team.
Discounted gym membership through our corporate fitness plan.
Specific budget for your personal development.
You can wear clothes you feel comfortable in.
High spec equipment
We provide all employees with high-spec Macs and tech set up.