Cloud Security Engineer

About The Position

Requirements

• You have extensive experience in Cloud Security, with deep expertise in GCP and AWS.
• You possess a strong understanding of Threat Modelling principles and their application to cloud infrastructure and architectural designs.
• You have hands-on experience with cloud security tools and technologies, including DataDog for security monitoring and Terraform for Infrastructure as Code.
• You have proven experience in designing, implementing, and managing cloud security controls and configurations.
• You have experience with Identity and Access Management (IAM) in cloud environments, including the implementation and management of Just-in-Time (JIT) access solutions.
• You have a proven ability to establish and manage incident response programs specifically for cloud environments.
• Proficiency in scripting or programming languages relevant to cloud automation and security (e.g., JavaScript, Python, Go, or similar) is a plus.
• You are comfortable explaining technical security concepts, vulnerabilities, and effective mitigations to diverse audiences.
• You are self-motivated, can work independently and effectively in a remote setting while maintaining a team-focused mindset.
• You are highly skilled in documenting security processes and configurations and effectively sharing knowledge with other teams.

Nice To Haves

• You have a good understanding of cryptography and its applications in cloud security.
• You contribute to the security community (e.g., open source projects, conference talks, CTFs).
• Relevant security certifications (e.g., GCP Professional Cloud Security Engineer, AWS Certified Security - Specialty, SANS) are a plus but not required.
• Your background experience includes working in a disruptive technology environment, ideally within FinTech, SaaS, or Crypto.

Responsibilities

• Perform Threat Modelling of architectural infrastructure changes and new cloud infrastructure and Kubernetes deployments in GCP and AWS.
• Design, implement, and manage robust security controls and configurations for our GCP and AWS environments.
• Develop and maintain secure Infrastructure as Code (IaC) using Terraform and tools.
• Implement, manage, and enhance Cloud Security monitoring using DataDog, including alert configuration, response procedures and not just rely on out of box (OOTB) rules
• Implement and manage Just-in-Time (JIT) access solutions for elevated privilege access to cloud resources.
• Establish and manage the cloud incident management process and program, including leading incident response activities for cloud security events.
• Collaborate with infrastructure and development teams to integrate cloud security best practices throughout the infrastructure lifecycle.
• Research and evaluate emerging cloud security threats and vulnerabilities, and develop effective mitigation strategies.
• Develop and deliver cloud security training and awareness programs to engineering and relevant teams.
• Contribute to the development and maintenance of cloud security standards, policies, and documentation, ensuring they are up-to-date.
• Manage the future of our cloud security posture, driving continuous improvement and strategic initiatives.
• Accurately document cloud security configurations, processes, and knowledge, and effectively disseminate this information to other teams.
• Conduct vulnerability assessments and drive remediation for cloud infrastructure.
• Support requirements and evidence requested from auditors, compliance and regulators

Benefits

• Competitive salary package
• Equity package: We believe financial freedom starts with our employees, so all employees have ownership at MoonPay
• Pay for performance equity bonus: Those who drive outsized outcomes receive outsized rewards
• Moonshot award. We honor exceptional impact - 10 employees twice a year, each earning a $250,000 equity grant.
• Unlimited holidays: We give you the autonomy to choose when to work (and when to switch off)
• Hybrid working schedule: Work fully remotely or your nearest Moonbase, the choice is yours
• Private Healthcare benefits: To protect you and your loved ones
• Enhanced parental leave: So you can spend more time with your loved ones without a second thought
• Annual training budget: We support your training journey every step of the way
• Home office setup allowance: Create the home office of your dreams
• Remote working allowance: Those working fully remotely get a little extra for utilities
• Monthly budget to spend on our products and zero fee crypto transactions: Cultivate your inner DEGEN
• Employee referral programme: Great people know great people, refer them to receive 10K in USDC
• Regular remote company offsites: Meet your colleagues regularly for high impact in person sessions and hackathons
• Working in a disruptive and fast-growing company where excellence is rewarded