Principal Cloud Security Engineer
Principal Cloud Security Engineer
As Principal Security Engineer, you ensure that the risks to our company’s systems and applications, posed by a variety of cyber threats, are addressed, work with development teams to ensure we build, deploy and maintain secure software that is used by millions of users around the globe.
What you'll do
You have a expert understanding of cloud security infrastructure, cloud native technologies and desired state configuration, configuring security policies and securing data.
You facilitate threat modeling sessions within the team, and have the ability to perform vulnerability testing, risk analysis and security assessments and support incident handling. Supporting internal and external pen tests.
You have a expert understanding of how to architect for visibility, detection, mitigation and observability.
Who you are
- 6+ years of experience in cloud / cloud native technologies & security / application security;
- Bachelor's degree in Computer Science, Information Security, Cyber Security or equivalent practical experience;
- One or more security certifications (CISSP, GSEC, CASP, CSSP, CKS, Azure cloud certs, CSSLP, GWEB, OSCP, OSWE or others);
- Excellent English speaking, writing and presentation skills.
Business, Product & Industry Knowledge:
- Good understanding of: core technologies used by Backbase including best practices; Backbase solutions including architecture and deployment best practices; cloud security best practices and trends.
Complexity & Problem Solving:
- Identifying, triaging and resolving security issues;
- Incident handling by using incident response best practices;
- Comply with relevant regulations such as GDPR;
- Research new tools and take the initiative in improving the ways of working.
Collaboration & Interaction:
- Closely collaborate with the ICT team and cloud ops teams that manage our internal applications, work with the engineering teams to ensure the Backbase SaaS platform is designed, built and operated based on good security principles;
- Interact directly with the engineering teams and collaborate with the product owner, architect and technical director.Identify and flag security vulnerabilities or gaps and support security initiatives working with different teams within the organization;
- Interact directly with the developer teams and collaborate with product owner, engineering manager, Value Stream management (RnD) or project manager, solution architect and technical leadership (CS);
- Facilitate threat modelling sessions with the engineering teams.
Supervision:
- Lead the incident response team and drive the investigations and process improvements;
- Drive the security maturity of the teams and identify and flag gaps;
- Play a key role in selecting candidates for the security team as well as onboarding and mentoring new hires.
Our Perks
Loud and busy sometimes but always friendly, helpful, and super fun. We love to celebrate each other’s achievements, share jokes, and our love for food, movies, traveling, and sports. We’re one big and diverse family working towards the same goal.
Lunch
Free, healthy lunches every day. Plus snacks and drinks.
Social
Friday parties every month. Office boat you can use with your team.
Health
Discounted gym membership through our corporate fitness plan.
Training budget
Specific budget for your personal development.
Clothing
You can wear clothes you feel comfortable in.
High spec equipment
We provide all employees with high-spec Macs and tech set up.