Senior Software Engineer - Cloud Security

From our customers to our code, and everything in between, the security team at TRM is integral to every aspect of our business. As a Senior Cloud Security Engineer, you will contribute to the charter for maturing TRM’s cloud infrastructure and security systems at scale. From designing the strategy to implementing best practices, your work will accelerate our mission of building a safer financial system for billions of people. 

The impact you’ll have here:

• Provide technical guidance and leadership as a cybersecurity expert on topics such as architecture, configuration management, and environment design
• Leverage automation tools, configuration management, and infrastructure-as-code (IaC) solutions to standardize security across all environments
• Guide relevant stakeholders such as engineering, product, and leadership and ensure alignment with security strategies
• Identify and communicate cloud platform vulnerabilities and mitigation options to stakeholders that balance business agility with security
• Serves as a Cloud Security Subject Matter Expert (SME) by maintaining knowledge of industry-recognized cloud security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions
• Drive security improvements in the GCP environment and perform Identity and Access Management (IAM) in GCP to ensure that principles of least privilege and roles-based access control are maintained
• Participate in audits of the cloud environment by working with external auditors and internal resources to ensure we are meeting expectations

What we’re looking for:

• Relevant industry experience in managing cloud security programs, Identity Access Management (IAM), and cloud-native security solutions (e.g., firewalls)
• Expert-level knowledge of cloud infrastructure components, preferably with GCP
• Strong bias for action; ability to juggle multiple priorities and create a sense of urgency in a fast-paced, dynamic environment.
• Ability to audit and provide audit support for security controls within the cloud environment
• Experience with infrastructure vulnerability testing tools, Cloud Application Platforms (Heroku), and Infrastructure as code tools (Terraform)

About the Team:

• The culture of our team is built on mutual respect, where everyone's opinion is valued and heard.
• We prioritize flexibility and efficiency, always seeking smarter ways to work without compromising quality.
• Transparency is at the heart of how we operate, both within the team and with the business, as we focus on clearly communicating and addressing cyber risks.
• Our collaborative approach ensures that we not only mitigate these risks but also align our efforts with business goals to protect and drive success.

Team’s Time Zones:

• Eastern Standard Time (EST - GMT-4)
• Pacific Standard Time (PST - GMT-7)
• Central European Summer Time (CET - GMT+2)