Senior Cloud Security Engineer
Velotio Technologies is a product engineering company working with innovative startups and enterprises. We are a certified Great Place to Work® and recognized as one of the best companies to work for in India. We have provided full-stack product development for 110+ startups across the globe building products in the cloud-native, data engineering, B2B SaaS, IoT & Machine Learning space. Our team of 325+ elite software engineers solves hard technical problems while transforming customer ideas into successful products.
Requirements
- Build a Security Hardening strategy for our cloud services and continue to assess and take actions that result in a highly secure cloud service.
- Confidently and intelligently respond to security incidents and proactively consider how to prevent the same type of incidents from occurring.
- Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
- Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
- Evaluate the impact on the organization of current security trends, advisories, publications, and academic research. Coordinate responses across affected teams to do the right thing for our customers and organization.
- Ability to communicate effectively at multiple levels of sensitivity and multiple audiences.
- Recognize, adopt, and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, and security intelligence.
- Provide subject matter expertise on architecture, authentication, and system security. • Fulfil regular on-call responsibilities.
Desired Skills & Experience
- Experience with AWS and AWS Security, Identity, and compliance resources and secure architecting .
- Should have more than 4 years of experience in relevant technologies. preferably in Engineering or Computer Science .
- Experience with Web Application Architecture Security Review, Threat Modelling, Static Code Review, Penetration Testing, and Incident Response Planning
- Experience with third-party risk analysis and management
- Current knowledge of web and mobile application vulnerabilities, attacks, and mitigation methods
- Strong understanding of information security principles and core technologies (CIA, encryption, identity, auth/authZ, SSO, Networking, web protocols, and privacy)
- Strong understanding of web and mobile application security best practices and secure architecture patterns
- Experience with security testing tools: BurpSuite, ZAP, AppScan, SQLMap, Wireshark/TCPdump, Metasploit, Security Monkey, Curl, etc
- Proficient in one programming language – Java preferred along with one scripting language (Perl, Python or PowerShell)
- Good interpersonal and communications skills and the ability to liaison for both technical and non-technical audiences.
Bonus points if you have…
- Certifications in CompTIA Security+, CEH, or GSEC
- Experience with Incident Response , Governance, Risk, and Compliance experience.
Benefits
Our Culture:
- We have an autonomous and empowered work culture encouraging individuals to take ownership and grow quickly.
- Flat hierarchy with fast decision making and a startup-oriented “get things done” culture.
- A strong, fun & positive environment with regular celebrations of our success. We pride ourselves in creating an inclusive, diverse & authentic environment.
We want to hire smart, curious and ambitious folks so please reach out even if you do not have all of the requisite experience. We are looking for engineers with the potential to grow!
Note: Currently, all interviews and onboarding processes at Velotio are being carried out remotely through virtual meetings.