Senior Cloud Security Engineer

THE ROLE

Youll design implement and maintain defensive security controls that protect our high-availability multi-cloud payment systems built on modern technologies. Your deep understanding of current threats exploitation methods and risk trade-offs will enable you to guide engineering teams on effective security features and ensure the right defensive measures are prioritised.

WERE LOOKING FOR

Essential

• You live on the linux command line
• Your current research and experience back up your opinionated views on security practices and tradeoffs which you love to openly debate and willingly share
• Youre sought after for your security engineering expertise having built multiple security controls that are actively proven in large production estates
• Your security expertise extends to at least one public cloud including essential security features and long-term security hardening practices
• You appreciate building systems with good engineering practices and may have a background in software engineering at scale
• Youre open to being a part of our on-call rota ready to respond if we have a severe platform-impacting security tooling failure or need second-line security incident response assistance

Desirable

• You have an interest in offensive security potentially including participation in CTFs and past experience as a red team operator or pen tester
• Youve developed security configurations in multiple public and private clouds
• Youre a confident presenter and have accelerated appreciation of security across engineering teams
• You regularly support building and analysis of threat models using a well defined process
• You have experience securing data centers and networking devices
• Youre terrified by supply chain and CI/CD security but have good patterns for reducing the risks
• Your engineering experiences matches Form3s tech stack including Golang and Terraform

TECH STACK

• AWS GCP Azure and private Data Centers
• Kubernetes Helm Flux
• Distributed systems mostly Golang based with CockroachDB and NATS
• SIEM/SOAR EDR CNAPP and a suite of open source tools with custom integrations

THE TEAM

You will join a team of defensive security engineers directly maintaining and expanding security controls as well as advising the wider platform and application engineers within our R&D team. We report into the CISO and work alongside the other functional pillars of InfoSec.

INTERVIEW PROCESS

Stage 1: Screening Call with Talent Team

Stage 2: Technical Interview Building secure cloud architectures & team alignment

Stage 3: Technical Interview Container and Linux Security including a short pre-interview research topic

We always aim to stick to the above process however there may be occasions when an additional interview stage is needed for us to be sure were hiring the right person!

HIRING LOCATIONS

We are a remote-first organisation and are able to accept applications from the following countries; Germany Netherlands Spain Portugal & UK

ABOUT FORM3

Revolutionising the world of payments with our cutting-edge technology and innovative solutions. For more information about life at Form3 check out the following pages:

What we do Life at Form3 Benefits Flexa-verified employer Podcasts

Required Experience:

Senior IC