The Cloud Application Security Engineer will ensure that cloud environments and software developed by engineering teams meet security standards and protect information.
This position will involve hands-on work when necessary, collaboration with engineers, and the establishment of security processes.
The role will significantly impact the organization's security standards.
Responsibilities include assisting engineers in creating secure pipelines, supporting and tuning security tools, identifying vulnerabilities, and supporting team leads in rectifying issues.
The engineer will provide support for cloud/application security reviews, threat modeling, and resolving security issues.
The role involves working on security projects to ensure timely completion and driving security into the systems development life cycle.
Contributions to security policies, standards, procedures, and guidelines are also expected.
Requirements:
Advanced/fluent English skills are mandatory, with excellent written and verbal communication abilities.
A strong Development/DevOps/Engineering background with experience in Python is required.
Experience with cloud technologies, preferably AWS and Azure, is necessary.
Familiarity with CI/CD pipelines is essential, with GitLab experience being a plus.
Experience with Infrastructure as Code (Terraform or similar) is required.
A solid understanding of the underlying infrastructure that applications rely on, including cloud computing, storage, DNS, and networking, is necessary.
The ability to fix code and work directly with engineers, as well as the capability to code/script solutions and push for automation, is essential.
Understanding of secure software development practices, including threat modeling, secure design principles, secure coding, code analysis, security testing, and Application Security automation, is required.
Nice-to-have certifications include GCLD, GCPN, GPCS, GCSA, GWEB, CCSP, or other related security certifications such as CISSP or CISM, with OSCP candidates being strongly considered.
Proven ability to communicate technical issues to both technical and non-technical audiences is necessary.
Strong stakeholder management and influencing skills are required.
The ability to work with people across multiple disciplines to create a clear vision and strategy is essential.
Autonomy and self-drive are important traits for this position.
Benefits:
As a Cloud Application Security Engineer at Ubiminds, you will be placed in a product-based company with the same treatment as full-time employees.
You will receive full back-office support, including career guidance, HR, and concierge services.
The company offers a remote-first policy, accommodating a distributed team.
You will be provided with your own MacBook, eliminating the need to bring your own device.
Access to growth opportunities with other technology professionals through tech talks, chapter meetings, and remote happy hours is available.
You can improve your English through free lessons with a native English speaker to enhance your communication skills.
A candidate referral bonus is offered for promoting Ubiminds to your tech friends.
For those who miss working in an office, the Florianópolis headquarters is available, featuring weekly quick massages, tasty snacks, soft drinks, and games.
