Key skills
TypeScriptPythonGoAWSTerraformCloudFormationIAMLeadershipCommunicationNetwork SecurityCloud SecurityWAF
About this role
Cape is a company founded by experts in privacy and national security, focused on building a privacy-centric cellular network. They are seeking an experienced Security Engineer with a specialization in product security to enhance their cloud and application security, reduce risks, and support the organization's objectives through robust security strategies.
Responsibilities:
- Design, implement, and manage robust security controls and policies within AWS, focusing on the confidentiality, integrity, and availability of data and services
- Perform comprehensive security assessments of our cloud environments to identify vulnerabilities, assess risks, and recommend actionable mitigation strategies
- Lead the integration of security practices into the DevOps lifecycle, promoting secure development, deployment, and operational processes
- Utilize and optimize AWS security tools (such as Amazon GuardDuty, Amazon Inspector, AWS IAM, AWS KMS, AWS WAF, and AWS Shield) and explore third-party solutions to bolster our security posture
- Assist in running and address findings from penetration tests and security audits, and ensuring prompt and effective remediation
- Stay informed about the latest security threats, vulnerabilities, and compliance mandates affecting cloud environments, provide strategic guidance on technologies and best practices
- Provide expert mentorship to junior security team members and engineers across the company, to foster an organizational culture of security awareness and continuous improvement
- Collaborate with stakeholders to integrate security requirements effectively into engineering projects and broader business initiatives
Requirements:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
- A minimum of 5 years of experience in information security, with at least 3 years concentrated on cloud security within AWS environments
- Deep understanding of AWS architecture, security services, and best practices for securing cloud applications and data
- Proficiency in using infrastructure as code (IaC) tools (like Terraform or AWS CloudFormation) and in automating security tasks within AWS
- Skilled in scripting languages (Python, TypeScript, Go) for the automation of security tasks and the integration of security tools
- Familiarity with containerization and microservices, particularly in securing stacks using these technologies
- Solid knowledge of network security, encryption technologies, and secure coding practices
- Excellent analytical skills for identifying and mitigating complex security vulnerabilities and risks
- Strong communication and leadership abilities, capable of working collaboratively across teams and effectively conveying technical information to non-technical stakeholders
- Organized and able to manage multiple priorities in a dynamic, fast-paced environment
- Advanced degrees or certifications (e.g., CISSP, AWS Certified Security Specialty) are advantageous