By browsing our website, you consent to our use of cookies and other tracking technologies. For more information, read our Privacy Policy.


  • Perform vulnerability assessments & penetration testing (VAPT) of web & mobile applications; cloud infrastructure. Provide vulnerability remediation strategies to engineering teams and verify security patches.
  • Own and manage our security vulnerability monitoring and intrusion detection systems, with issues being fixed proactively.
  • Implement innovative security solutions with an emphasis on automation.
  • Build and manage in-house monitoring systems, which includes cloud networks.
  • Work closely with engineering teams to ensure we are considering security when architecting and building new systems.
  • Act as internal DevSecOps evangelist, demonstrating the benefits of embedding security and compliance into DevOps and Data.
  • Automate security and compliance checks on cloud platforms.
  • Evaluate and recommend new and emerging security products and technologies
  • Maintain documentation of security policies and internal tools.
  • Acquire industry-recognized, professional cloud certifications (AWS/Azure/Google) in the capacity of developer or architect.
  • Devise multi-region technical solutions, with the possibility of onsite assignments.
  • Flexible working hours and business travel as needed.
  • Join a young and vibrant team, work in a geeky and fun environment.

Required Skill Set:

  • Experience in performing security vulnerability assessments & penetration testing of cloud infrastructure.
  • Detecting privilege escalation of cloud infrastructure and rapid remediation
  • Define and implement access control applications, not limited to cloud infrastructure.
  • Passion for DevOps and strong skills in at least one scripting language (Python preferred).
  • Experience on Docker and Kubernetes (containerization) security.
  • Write and maintain relevant documentation.
  • Work closely with engineering teams to ensure we are considering security when architecting and building new systems.

Nice-To-Have/Working knowledge

  • The CLI/SDK/API of at least one public cloud (AWS, Azure, GCP)
  • Zero Trust Model and Zero Tolerance Policy
  • Security Certification on any public cloud.
  • Working knowledge of Metasploit and OWASP.
  • Experience with CI/CD - Deployment pipeline security (Jenkins, Ansible, Terraform).
  • Scalability, HA and troubleshooting of web-scale applications.
  • Monitoring and alerting systems: e.g. NewRelic, AWS CloudWatch, Google StackDriver, Graphite, Nagios/Icinga.
  • Databases: SQL, NoSQL, ELK/EFK, MongoDB, PostgresSQL or other SQL systems.
  • Working knowledge of version control system, preferably git.
  • Ability to communicate technical security requirements to technical and non-technical personnel.

Equal Opportunity

Our mission is to unlock the human potential for creative, strategic, and sustainable impact by eliminating cloud and IT operations that are repetitive and devoid of value. To accomplish this mission, we need to include humans from all walks of life. So, we actively seek to promote and celebrate diversity and inclusiveness in our embrace of human talent.

We welcome you as you are without regard to your gender, race, caste, color, age, sexual orientation, country of origin, religion, physical or neurological challenges, veteran status, or marital status.

Interested in this role?

CloudCover might be the right place for you, click on the apply button below and send in your resume.