Lead Cloud Security Engineer (Remote)

We are looking for a Lead Cloud Security Engineer who will put the security of the client's platform into overdrive by championing it throughout the entire Software Development Cycle.

We believe you are a great match if you are passionate about your work and looking for a space to excel and further develop your skills. If you do not shy away from getting your hands dirty while having the main focus on shaping the Team and championing the change - that's the offer for you.

Who are we?

We are a remote-first boutique software house company formed by a group of software experts (average experience in the Team is 12 years). What connected all of us, despite a long-term relationship, is the passion for building Great Software that matters. Our people have a real and direct impact on what and how we build things. We put extra effort into ensuring everyone can make a difference and grow among other experts.

This offer is for you if:

• 7+ years experience in software engineering, 5+ years in security related roles.
• You are a great team player who prioritises Team success over individual goals.
• You quickly establish new relationships, communicate effectively, and have excellent facilitation and negotiation skills.
• You love technology and are a lifelong learner, unafraid to step out of your comfort zone to resolve challenging problems and build quality software.
• You have a Kaizen mindset and believe continuous improvement is not a job but a habit.
• Want to build Great Software that makes a difference.
• Enjoy leading the Team towards successful project delivery by connecting the business and tech worlds and actively removing impediments.
• You love constantly learning and sharing knowledge, helping teams and people grow.
• Excellent English skills, both written and spoken (C1+)
• 
  

Top skills you need:

• Strong knowledge of OWASP.
• Experience integrating DAST, SAST, IAST & SCA into the software development lifecycle.
• Ability to analyse vulnerability data to identify risks and false positives.
• Experience securing AWS-based cloud infrastructure. Ideally, you will understand services such as IAM, AWS Security Hub, AWS Guard Duty, AWS Config, ECS/Fargate, VPC, S3, RDS, and Lambda.
• Capable of building production-hardened environments using Infrastructure as Code (IAC).
• Understanding of end-to-end security within the software development lifecycle.
• Excellent knowledge of at least one scripting language to implement custom tooling - Python is preferred.
• Hands-on experience with relational (Postgres) and no-SQL databases is a plus.
• A massive plus is a track record of previously conducted company-wide security enhancements in any organisation.

As a part of the Team, you will:

• Work with engineering teams to improve the secure software development lifecycle.
• Define the application security testing requirements such as static/dynamic analysis,

vulnerability scanning, penetration testing, etc.

• Foster a shift-left security-focused culture across the engineering teams.
• Ensuring a secure AWS cloud environment.
• Monitor the latest security trends and alerts to improve security posture continually.
• Explain the risk and criticality of identified vulnerabilities to product owners/engineering teams and advise on remediation activities.
• Train engineering colleagues on application security best practices and secure coding techniques.
• Collaborate on technical security strategy and architectures.
• Help the client bootstrap best in the class platform security team.

What do we offer?

• Work for our client in a completely international team you will help shape.
• Remote first work environment (or you can work from our office in Wroclaw if you fancy ;-)
• Ability to participate in international projects.
• Top-of-the-market salary dependent on experience.