Cloud Security Engineer - remote

Trustworthy
Posted 1 year ago
We Work Remotely
We’re a venture-backed startup on the verge of creating a new category we’re calling the Family Operating System™, and we want you on our team. At Trustworthy our mission is to keep families organized and prepared for the unexpected by delivering a secure and beautiful online service that keeps their most important information up-to-date and accessible. Trustworthy is the family’s single destination point for everything from financial accounts, life insurance policies, and estate documents to family stories, traditions, and passport numbers.

We are seeking a seasoned Security Engineer who is a self-starter, can document their own work, communicate well with the team and is passionate about leading dev ops and wants to have fun on a team with resources and a desire to grow.


Responsibilities
  • Triage reports from our security monitoring tools with the engineering team
  • Build and maintain scalable high-quality backend services and productivity tools
  • Maintain a strong security awareness through frequent assessments and software architecture design processes
  • Build automation to continuously assess security risks around our AWS cloud infrastructure and further SaaS tools we integrate with like GitHub
  • Proactively work to identify areas for performance gains including data and scaling challenges
  • Define security requirements (encryption, backups, data retention, etc.) together with our backend and web teams and automate their enforcement
  • Design, create and support security tests in CI/CD pipelines, to include IAST, SAST, DAST, container scanning, API scanning, and secret detection
  • Support new projects and features early in the process with your expertise;Create security requirements and test cases where needed
  • Apply security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security etc.)
  • Improve our cloud security configurations through active Terraform improvements and reviews and patch management

Requirements
  • Exceptional operational troubleshooting capabilities
  • Process-oriented with great documentation skills
  • 3+ years overall AWS experience
  • 3+ years of hands-on experience with Infrastructure as Code, preferably with Terraform and CloudFormation
  • 2+ years of hands-on experience of programming in languages such as Python, Javascript, Go or similar
  • Experience with automating cloud-native technologies, deploying applications, and provisioning infrastructure
  • Good knowledge of Linux Basics and networking fundamentals, IP routing, load balancing and firewalls, VPN, DNS
  • At least 2 year experience as a SecOps engineer, security engineer, senior reliability engineer, working in a Security Operations Center (SOC), or equivalent education
  • Infrastructure as Code experience (e.g., Terraform)
  • Have at least 1 year experience working with AWS SecurityHub or equivalent
  • Experience with understanding CVEs and remediating security vulnerabilities