REIMAGINE TRUST
Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online to power a world of digital trust.
Through our revolutionary identity solutions, we are unleashing the business potential of universal industries including finance, government, retail, hospitality, gaming and more, by reducing fraud and transforming human interactions with data, products, and services.
We’re in the process of rapidly scaling our diverse global team and we’re looking for entrepreneurial individuals and leaders who are curious, driven, and excited by ownership to join a Unicorn-status scale-up!
The Opportunity
We are looking for a trustworthy and proactive Cloud Security Architect with at least 5 years of experience as a security architect in cloud technologies like AWS with the ability to own their field of work. The cloud security architect manager can expect to work on a wide array of projects, from implementing cloud for major clients, owning company-wide deployments, providing administrative support, and providing guidance on best practices such as the cloud SME. Their responsibilities usually include owning implementations and deployments of azure on the cloud and serving as a subject matter expert for the team.
To be successful as a cloud security architect, you should have exceptional foresight, great communication skills, working knowledge of azure and how they relate to one another, and an aptitude for managing projects. Ideally, candidates will have proof of their technical and project management skills, and an appreciation for the complex nature of the industry.
Responsibilities
- Identify, suggest, and implement security improvements to Incode’s current operations and infrastructure.
- Evaluate new solutions and tools in AWS, Azure, and other clouds, and develop security frameworks that enable Incode to introduce these technologies in a secure manner.
- Continuously implement the latest cloud security standards and build supporting documentation and reference architectures for technical and non-technical audiences.
- Drive cloud security strategy and roadmap.
- Learn continuously to maintain and broaden cloud security architecture expertise
- Continuous monitoring of security and infrastructure alerts, investigation of root causes, documentation of the findings.
- Assist with strategies for migration to Kubernetes.
- Implement alerts for infrastructure monitoring, access attempts, and changes to configurations that deviate from established baselines.
- Design cloud-native architectures to meet business and security requirements, while appropriately managing risk.
- Collaborate in the implementation and improvement of continuous integration, testing (including security), delivery, and deployment pipelines.
- Provide responses to security questionnaires, audits, and other security related questions.
- Work closely with Product, DevOps, IT Compliance, and other areas to ensure security and privacy requirements are met in the development of the product and in the deployment of infrastructure that supports the product.
Requirements
- Experience working in an Agile/Scrum Environment
- Specialist in AWS Cloud computing technologies, including 5 years of experience with infrastructure AWS services like VPC, subnets, route tables, EC2 instances, ECS with EC2 and Fargate, ELB (Application, Network and Classic), Cloudwatch, Systems Manager, VPN, Transit Gateway, CloudFront, API Gateway.
- Demonstrated experience with AWS Security Services (AWS Shield, AWS Trusted Advisor, Macie, IAM, AWS WAF, CloudTrail).
- Knowledge of AWS Security services: IAM, Secrets Manager, GuardDuty, Inspector, Macie, Certificate Manager, KMS, WAF & Shield, Firewall Manager, Audit Manager, Detective, Artifact, Cognito.
- Knowledge of AWS Well Architected Framework and Cloud migration industry best practices.
- Technical writing skills for documenting environments and operating procedures.
- Extensive experience with industry compliance and security standards including PCI DSS, SOC2, ISO 27001, NIST 800-53.
- Experience working with containers and related technologies: Docker, Kubernetes, ECS, EKS.
- Linux and Windows administration experience.
- Experience with DevOps and DevSecOps.
- Experience with continuous security practices, including threat modeling, threat and vulnerability management, secure coding practices, and automated penetration testing.
- Experience with security solutions such as WAF, IPS, and anti-DDOS systems.
- Extensive experience with IT Compliance and risk management requirements.
- Experience with network security platforms.
- Extensive experience with encryption in-transit and at-rest practices, as well as certificate and secrets management, security event & incident management (SIEM) platforms.
- Extensive experience with infrastructure automation, infrastructure as code, automated application deployment, monitoring/telemetry, logging, reporting, and continuous delivery technologies.
- Infrastructure as code relating to these technologies: AWS-CLI with scripting, Bash, Python, CloudFormation, Terraform.
- Experience performing security assessments.
- Extensive implementation experience with enterprise security solutions, privilege management, identity management and federation systems.
- Experience with continuous integration, continuous deployment, continuous testing as well as experience with tools like AWS CodeDeploy , CodePipeline, CircleCI, Jenkins, GitHub, DockerHub.
-
Preferred Experience and Certification:
- Experience as a thought leader to a talented group of engineers
- CISSP, CISA, CISM, IS027001 LA/LI, SANS (or equivalent experience)
- AWS Certified Solutions Architect – Associate (or equivalent experience)
- AWS Certified Solutions Architect – Professional (or equivalent experience)
- AWS Security – Specialty (or equivalent experience)
Benefits & Perks
- Meaningful Equity
- Flexible Working Hours & Workplace
- Open Vacation Policy
- Wellness Program
- International Travel Opportunities
- Additional benefit package according to location (401k, medical insurance, etc.)
8 Aspects of our Culture:
- Values are what we value
- High performance
- Freedom & responsibility
- Context, not control
- Highly aligned, loosely coupled
- Continuous Feedback
- Pay Top of Market
- Promotions & Development
- Learn more about Life at Incode!
Equal Opportunities:
Incode is an equal opportunity employer, committed to creating a diverse and inclusive work environment. We take great pride in having an inclusive, diverse, and global team and are always on the lookout for talented, passionate people from all backgrounds and walks of life.
Applicant Data Privacy:
We will only use your personal information in connection with Incode’s application, recruitment, and hiring processes.