Where You AreWe are a fully remote company with a focus on hiring in the US. While we embrace a remote-first culture, time zones will be an important consideration for collaboration.
What You'll Do- Integrate and automate security controls directly into CI/CD pipelines, ensuring continuous vulnerability scanning, code analysis, and secure software delivery.
- Design, implement, and maintain secure Infrastructure as Code across multiple environments, primarily focusing on Google Cloud (GCP).
- Drive compliance and continuous auditing, acting as the primary technical point of contact for automated and manual evidence collection, with a heavy focus on PCI-DSS and supporting SOC 2 requirements.
- Manage and enforce Identity and Access Management (IAM), network security policies, and encryption standards across all cloud environments.
- Conduct continuous infrastructure security monitoring, threat modeling, and automated compliance auditing using tools like GCP Security Command Center (SCC) and Prisma Cloud.
- Collaborate with development teams to resolve security vulnerabilities, streamline secure deployment workflows, and cultivate a security-first engineering culture.
Required Skills- 5+ years of experience in DevSecOps, Cloud Security, or DevOps, with a deep understanding of securing cloud-native infrastructure and automation.
- Strong expertise with Kubernetes (GKE preferred) and container security practices, including hands-on experience with Helm.
- Solid proficiency with Google Cloud (GCP) security architecture, utilizing native tools for posture management and threat detection.
- Hands-on experience with security tooling such as SAST/DAST, container scanning (e.g., Trivy, Scout, PrismaCloud), and cloud security posture management (CSPM) platforms like Prisma Cloud and GCP Security Command Center.
- Practical experience working within regulated fintech environments, specifically executing technical evidence collection for PCI-DSS and SOC 2 audits.
- Proficient in scripting languages such as Python or Bash.
- Comprehensive knowledge of networking, zero-trust architectures, and system administration in cloud environments.
Preferred Skills- Familiarity with configuration management tools (e.g., Terraform, OpenTofu) and IaC security scanning (e.g., tfsec, Checkov).
- Exposure to microservices architectures and best practices for secure deployment.