cloud security engineer
Bengaluru, Karnataka, India
Posted on Wednesday, January 5, 2022
what is CRED?
CRED is an exclusive community for India’s most trustworthy and creditworthy individuals, where the members are rewarded for good financial behavior. CRED was born out of a need to bring back the focus on a long lost virtue, one of trust, the idea being to create a community centered around this virtue. a community that constantly strives to become more virtuous in this regard till they finally scale their behavior to create a utopia where being trustworthy is the norm and not the exception. to build a community like this requires a community of its own; a community special in its own way, working towards making this vision come true.
here’s a thought experiment: what do you get when you put a group of incredibly passionate and driven people and entrust them with the complete freedom to chase down their goals in a completely uninhibited manner? answer: you get something close to what we have at CRED; CRED just has it better.
here’s what will be in store for you at CRED once you join as a part of the team
what you will do:
- you will work on a diverse domain of information security across the organisation, most importantly infrastructure and data security
- own the cloud security posture management program and concentrate efforts on continuous improvement of the cloud security configurations aligned to global standards like NIST 800-53, ISO 27001, Cloud Security Alliance, etc.
- engineer and uplift adoption of PaaC (Policy as a Code) to continuous monitoring of risk configurations changes.
- be responsible identifying security issues (external as well as internal), help stakeholders to mitigate and at frequent occasions build a solution around some of the complex problem statements implement/maintain security for cloud-based systems/applications in AWS
- conduct security design/infrastructure reviews, security architecture reviews
- translate product requirements into threat models and identifying privacy issues and data leaks
- contribute to the building, operating and maintaining of the cloud security infrastructure to improve prevent, detect and response capabilities.
- build scalable systems which enforce and monitor compliance with your secure baseline, rectify issues automatically and alert on problematic systems.
- automate infrastructure security and develop/implement security automation to solve manual effort on a day-day basis
- build in-house security frameworks to establish a state of art security culture inside tech
- assist with creating security awareness and maintaining prudent security engineering culture within an organisation
- enable compliance in teams and help them achieve some of the industry’s best practices (e.g. PCI DSS, ISO 27001)
you should apply if you have:
- 1-4 years of experience in information security
- proficiency in one or more of the programming languages (python, golang, bash)
- a good understanding of cloud security and a background of working with AWS Security
- the experience to perform automation using Terraform/Ansible/Docker/Kubernetes, and any one CI tools (e.g. Jenkins, CodePipeline, etc.)
- an understanding of concepts like Zero Trust Architecture, defence in depth, SASE.
- the ability to build packages from source code and secure Linux kernel.
- knowledge on eBPF, AppArmour, seccomp, and/or SElinux at scale.
- the drive to influence organisations and stakeholders by practising data-driven approach
- a GitHub profile, blog or a conference presentation
- the ability to be a go-to person and communicate effectively with stakeholders (engineers, product, business teams)
- the zeal to be proactive in keeping yourself updated with security news/issues/breaches/tools/blogs on the internet
how is life at CRED?
working at CRED would instantly make you realize one thing: you are working with the best talent around you. not just in the role you occupy, but everywhere you go. talk to someone around you; most likely you will be talking to a singer, standup comic, artist, writer, an athlete, maybe a magician. at CRED people always have talent up their sleeves. with the right company, even conversations can be rejuvenating. at CRED, we guarantee a good company.
hard truths: pushing oneself comes with the role. and we realise pushing oneself is hard work. which is why CRED is in the continuous process of building an environment that helps the team rejuvenate oneself: included but not limited to a stacked, in-house pantry, with lunch and dinner provided for all the team members, paid sick leaves and a comprehensive health insurance.
to make things smoother and to make sure you spend time and energy only on the most important things, CRED strives to make every process transparent: there are no work timings because we do not believe in archaic methods of calculating productivity, your work should speak for you. there are no job designations because you will be expected to hold down roles that cannot be described in one word. since trust is a major virtue in the community we have built, we make it a point to highlight it in the community behind CRED: all our employees get their salaries before their joining date. a show of trust that speaks volumes because of the skin in the game.
there are many more such eccentricities that make CRED what it is but that’s for one to discover. if you feel at home reading this, get in touch.
See more open positions at CRED
Something looks off?