Cloud Security Engineer

At Littlepay the security of our platform and customer’s data has always been our highest priority and we're now looking for a motivated and enthusiastic Cloud Security Engineer to join our team. This role offers an exciting opportunity to contribute to the technical direction and development of our platform, working on leading edge technology to fulfill business needs. You will provide expertise in the engineering team to ensure the ongoing security of our platform and our delivery against information security best practices.

About you

You are a hands-on engineer, passionate about security by design, quality and continuous improvement. You are a self-starter, capable of thinking strategically and operating proactively in a dynamic environment. You enjoy solving complex and interesting problems in an agile team setting. On a typical day you might find yourself:

  • Working with product management and engineering to ensure a new product feature is secure by design
  • Explaining the pros and cons of various cryptographic algorithms for a particular use case
  • Working with DevOps to automate checks that prove compliance with our security policies
  • Reviewing changes in network ACLs to ensure proper segmentation.
  • Proving the TLS cipher-suites supported by a Java microservice comply with best practices
  • Advising the engineering team on the impacts of a newly disclosed vulnerability, and recommending a mitigation strategy
  • Auditing IAM policies to ensure that the principle of least privilege is being applied.

Your experience

  • Development experience with Java, Python, Docker
  • Appreciation of the AWS shared responsibility model and the applications of this model on security and compliance when using containers, managed services and serverless architecture
  • A solid understanding of information and cyber security related topics with a focus on cloud controls, design, incident handling procedures and management
  • Relevant AWS technologies: KMS, CloudHSM, CloudTrail, IAM, ECS, Lambda, RDS, S3, API Gateway
  • PKI, Hardware Security Modules (e.g. Thales, AWS CloudHSM)
  • Security testing and monitoring tools (NIDS, HIDS, pentest tools, scanners, etc)
  • Bachelor level degree or higher in Computer Science, Software Engineering, IT or similar
  • Key management e.g. ANSI X9 24, ASC TR-31, DUKPT
  • Working in a professional environment under compliance frameworks such as PCI-DSS, ISO 27001/02
  • A professional certification such as CISSP or other technical certification is highly desirable.