Cloud Security Engineer
Jeeves is a groundbreaking financial operating system built for global businesses that provides corporate cards, cross-border payments, and spend management software within one unified platform. The company operates across 20+ countries including Brazil, Canada, Colombia, Mexico, the United Kingdom, across Europe, and the United States, and serves over 5,000 clients ranging from venture-backed startups to SMBs around the world. With a mission to empower businesses with more efficient and cost-effective financial solutions worldwide, Jeeves combines cutting-edge financial technology with exceptional team expertise to transform the business financial landscape. Jeeves has been recognized as one of The Information's 50 Most Promising Startups in 2023, as well as a Y Combinator Top Company 2021-2023 and won “Fintech of the Year" at the European Fintech Awards.
Since graduating from Y Combinator in 2020, Jeeves has successfully raised over $380 million and is backed by top world-class investors including Andreessen Horowitz, Y Combinator, CRV, Tencent, Stanford University, Clocktower Ventures, and founders of more than 15 unicorns including David Velez (Nubank), Carlos Garcia (Kavak) and Sebastián Mejía (Rappi).
Location: This is a full-time remote position within India. #LI-REMOTE
Jeeves is a cloud-first company revolutionizing the Fintech landscape. We're seeking a passionate and experienced Cloud Security Engineer to join our dynamic security team. You'll play a vital role in designing, implementing, and maintaining robust security solutions across our entire IT and cloud infrastructure.
Responsibilities:
- Design, technical HO implementation, and maintenance of secure IT and cloud architectures (AWS mostly.) following industry best practices and compliance regulations.
- Conduct SAAS and system security reviews and work with IT, DevOps, and engineering teams to mitigate and fix those (e.g Security posture, access rights, overall configurations)
- Perform hands-on security assessments and penetration testing of cloud environments to identify and remediate vulnerabilities.
- Build and configure the monitoring process, making sure the right alerts are configured and detected across the systems and handled properly using predefined playbooks.
- Stay up-to-date on the latest cloud security threats and vulnerabilities and provide recommendations for mitigation strategies.Partner with development teams to integrate security best practices throughout the software development lifecycle (SDLC) and make sure features are developed securely.
- Participate in designing and implementing security controls for cloud applications and services.
- Manage and maintain cloud security tools and technologies.
- Monitor and analyze security events using various security tools to identify potential threats and incidents.
- Investigate security incidents to determine root cause, scope, and impact.
- Perform threat hunting to proactively identify and mitigate potential security and fraud risks.
- Respond to security incidents according to established procedures, including escalation to senior security personnel when necessary.
- Analyze threat intelligence feeds and stay current on emerging security threats and vulnerabilities.
Qualifications:
- 7-10 years of experience in cloud security engineering.
- Proven experience working in a cloud-first environment (AWS).
- In-depth knowledge of cloud security concepts and best practices (IAM, encryption, logging, Authentication, Authorization,PII protection etc.).
- Experience with security tools (e.g. Wiz.io, Cloudflare Waf, Cloudflare) and methodologies (e.g. penetration testing, vulnerability scanning).
- Strong understanding of network security concepts and technologies.
- Excellent problem-solving and analytical skills.
- Strong communication, collaboration, and interpersonal skills.
- Ability to work independently and as part of a team.
- Ability to prioritize tasks and manage multiple projects simultaneously.
- A passion for cloud security and a strong desire to stay current on emerging threats.
- Experience with security orchestration, automation, and response (SOAR) platforms.
Good to have:
- Experience with cloud security certifications (e.g., AWS Certified Security – Specialty, Azure Security Engineer Associate).
- Experience with container security (Docker, Kubernetes).
- Experience with security coding practices (OWASP Top 10).
- Experience with scripting languages (e.g., Python, Bash).
- Experience with security automation tools (e.g., CloudFormation, Terraform, Ansible).