Perform Threat Modelling of architectural infrastructure changes and new cloud infrastructure and Kubernetes deployments in GCP and AWS.
Design, implement, and manage robust security controls and configurations for our GCP and AWS environments.
Develop and maintain secure Infrastructure as Code (IaC) using Terraform and tools.
Implement, manage, and enhance Cloud Security monitoring using DataDog, including alert configuration, response procedures and not just rely on out of box (OOTB) rules.
Implement and manage Just-in-Time (JIT) access solutions for elevated privilege access to cloud resources.
Establish and manage the cloud incident management process and program, including leading incident response activities for cloud security events.
Collaborate with infrastructure and development teams to integrate cloud security best practices throughout the infrastructure lifecycle.
Research and evaluate emerging cloud security threats and vulnerabilities, and develop effective mitigation strategies.
Develop and deliver cloud security training and awareness programs to engineering and relevant teams.
Contribute to the development and maintenance of cloud security standards, policies, and documentation, ensuring they are up-to-date.
Manage the future of our cloud security posture, driving continuous improvement and strategic initiatives.
Accurately document cloud security configurations, processes, and knowledge, and effectively disseminate this information to other teams.
Conduct vulnerability assessments and drive remediation for cloud infrastructure.
Support requirements and evidence requested from auditors, compliance and regulators.

Requirements

You have extensive experience in Cloud Security, with deep expertise in GCP and AWS.
You possess a strong understanding of Threat Modelling principles and their application to cloud infrastructure and architectural designs.
You have hands-on experience with cloud security tools and technologies, including DataDog for security monitoring and Terraform for Infrastructure as Code.
You have proven experience in designing, implementing, and managing cloud security controls and configurations.
You have experience with Identity and Access Management (IAM) in cloud environments, including the implementation and management of Just-in-Time (JIT) access solutions.
You have a proven ability to establish and manage incident response programs specifically for cloud environments.
Proficiency in scripting or programming languages relevant to cloud automation and security (e.g., JavaScript, Python, Go, or similar) is a plus.
You are comfortable explaining technical security concepts, vulnerabilities, and effective mitigations to diverse audiences.
You are self-motivated, can work independently and effectively in a remote setting while maintaining a team-focused mindset.
You are highly skilled in documenting security processes and configurations and effectively sharing knowledge with other teams.
Nice-to-have experience: You have a good understanding of cryptography and its applications in cloud security.
You contribute to the security community (e.g., open source projects, conference talks, CTFs).

Benefits

Competitive salary package
Equity package: We believe financial freedom starts with our employees, so all employees have ownership at MoonPay
Pay for performance equity bonus: Those who drive outsized outcomes receive outsized rewards
Moonshot award. We honor exceptional impact - 10 employees twice a year, each earning a $250,000 equity grant.
Unlimited holidays: We give you the autonomy to choose when to work (and when to switch off)
Hybrid working schedule: Work fully remotely or your nearest Moonbase, the choice is yours
Private Healthcare benefits: To protect you and your loved ones
Enhanced parental leave: So you can spend more time with your loved ones without a second thought
Annual training budget: We support your training journey every step of the way
Home office setup allowance: Create the home office of your dreams
Remote working allowance: Those working fully remotely get a little extra for utilities
Monthly budget to spend on our products and zero fee crypto transactions: Cultivate your inner DEGEN
Employee referral programme: Great people know great people, refer them to receive 10K in USDC
Regular remote company offsites: Meet your colleagues regularly for high impact in person sessions and hackathons
Working in a disruptive and fast-growing company where excellence is rewarded

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Cloud SecurityThreat ModellingInfrastructure as CodeTerraformIdentity and Access ManagementJust-in-Time access solutionsIncident responseVulnerability assessmentsScriptingProgramming languages

Soft Skills

CommunicationSelf-motivatedTeam-focusedDocumentationCollaborationTraining and awarenessResearch and evaluationContinuous improvementProblem-solvingTechnical explanation