Staff Security (Cloud, devsecops) Engineer - REMOTE

Apply for this position Please mention DailyRemote when applying
timePosted 12 days ago location United States salarySalary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Huxley Associates is representing a global Fin-tech firm based out of Boston that enables businesses of all sizes to harness the power of stablecoins and public blockchains for payments, commerce and financial applications worldwide in their search for a Staff Security (Cloud, devsecops) Engineer - REMOTE. Y ou'll lead and be responsible for key areas of the security program while collaborating across our teams. You will continue to learn and stay current in a fun and rapidly changing environment.

What you'll work on:
  • Work collaboratively with internal stakeholders to build and operate technology risk management controls
  • Analyze AWS security configurations based on KMS Keys, Security Groups, and IAM Policies across multiple AWS Accounts
  • Build security monitoring and management controls using AWS services such as Security Hub, Inspector, and Guard Duty
  • Script in python using Amazon libraries such as boto3 to generate reusable utilities for environment configuration, control monitoring, audits, and assessment
  • Conduct risk and controls assessments to identify risks and any associated weaknesses, as well as make recommendations on how to mitigate those risks
  • Formulate recommendations that can be implemented using automation tools such as Cloudformation and Terraform
  • Test for vulnerabilities and configuration errors using off-the-shelf and custom tools
  • Collaborate with others to enhance event monitoring, security alerting, and incident response workflows
  • Own and build relationships with key external stakeholders such as customers, vendors, and auditors
  • Produce data-based reports on technology risk for senior management
  • Drive continuous improvement in the technology risk management programs
What you'll bring:
  • Enthusiasm for scalable, reproducible security management
  • Self-motivated and creative problem-solver able to work independently with minimal guidance
  • Ability to manage multiple competing priorities and use good judgement to establish order or priorities on the fly
  • Ability to influence internal and external customers to expediently resolve issues and achieve organizational objectives
  • Experience architecting and testing security controls in AWS
  • Ability to thrive in an "infrastructure as code" environment
  • The ability to design and operate controls that are easy to test and audit
  • Knowledge of the PCI DSS
  • An understanding of standards such as ISO 27001/27002 and the NIST Cybersecurity Framework desirable
  • Experience/familiarity with application security including standards like OWASP, tools like Burp Suite, and secure coding practices a plus
  • Experience working in financial services or financial technology desired