Cleafy is a SaaS company, a team of fraud hunters, cybersecurity experts, data scientists, and software engineers that since 2014 share the same dream: make technology a safer place.
Every day, we work side by side with our customers to help them safely navigate digital opportunities, while growing their business.
Cleafy has recently secured a €10 million Series A capital raise from United Ventures to fund its international expansion.
Job Description:
We are looking for a highly skilled Security Engineer to join our Security & Compliance team. The ideal candidate will possess a strong technical background, particularly in cloud security technology.
You will be responsible for implementing, managing, and monitoring security measures to protect our cloud infrastructure, network, systems, and data.
Responsibilities:
Implement, maintain and monitor robust security measures within the cloud, particularly on Google Cloud Platform (GCP).
Implement, maintain and monitor security controls within CI/CD pipelines (Bitbucket, Terraform, Jenkins), and assist in the SSDLC process (Threat Modelling, SAST, DAST, SCA).
Conduct regular security assessments. Implement strategies to mitigate identified threats and vulnerabilities.
Harden endpoint devices, particularly Macs, by implementing appropriate security configurations and controls (CIS).
Monitor and respond to security incidents and alerts as L2, ensuring timely resolution and minimal impact.
Work closely with IT and Engineering teams to ensure applications and systems are securely designed and implemented.
Assist in the creation and maintenance of security documentation and reports.
Effectively communicate security concepts and solutions to both technical and non-technical stakeholders.
Requirements:
BS/MS in Computer Science, Information Security, or a related field.
3 to 5 years of experience as a Security Engineer or in a similar role.
Strong knowledge of cloud providers, specifically Google Cloud Platform (GCP).
Hands-on experience with firewalls, IDS/IPS, SIEM, XDR and other cloud security tools.
Experience in endpoint device hardening, particularly for Mac environments.
Proficiency in scripting languages (e.g., Python, Bash) for automation.
Experience with securing CI/CD pipelines and implementing security within the SSDLC process.
Knowledge of threat and vulnerability management practices, including conducting assessments and implementing mitigation strategies.
Familiarity with regulatory requirements and industry standards (e.g., ISO27001, SOC2).
Excellent problem-solving skills and attention to detail.
Strong communication and teamwork abilities, with the capacity to explain security concepts to both technical and non-technical stakeholders.
Plus:
Relevant certifications such as Security+, Google Professional Cloud Security Engineer, Certified DevSecOps Professional, etc.
Background as Penetration Tester/Red Team.
Benefits:
Hybrid or remote job. You choose!
Attractive packages based on skills and experience.
International environment with significant challenges to be met every day.
Personalized support to accelerate your professional growth.
Latest technologies and being encouraged to bring your flair to the role.
Working at Cleafy means being part of a group of people that support, respect, and inspire one another, no matter what.
Do you have what it takes to be part of the Cleafy family?
#J-18808-Ljbffr