Senior Cloud Cybersecurity Engineer

The Role

At Frankie One, where we revolutionise identity verification and onboarding to be swift, seamless, and scalable, your role as a Senior Cloud Cybersecurity Engineer is crucial. You'll be at the heart of ensuring that our platform and supporting infrastructure is well protected against external threats, is secure by design and that high levels of general security awareness is maintained throughout the organisation. This role offers an exciting opportunity to play a key role in shaping the security strategy of a growing startup

Reporting to the CISO, the Senior Cloud Cybersecurity Engineer will be responsible for multiple key aspects of the security operations and cloud architecture, enhancing threat detection capabilities and incident response, vulnerabilities management and identity and access management. You'll play a critical role in protecting our customer and employee data, achieving our security objectives, and implementing robust security controls to ensure the resilience of our platform and systems.

Your Ticket to Success:

Be an advocate. For Frankie One, for the product, for our people, and for our values.

You are an experienced and passionate for technology and security Senior Cloud Cybersecurity Engineer (or a Senior Cloud Engineer with an affinity for security).

You have a strong technical background in securing the cloud (ideally deep AWS experience), cloud services, tools and platform as well as in application security, identity management and access controls, endpoint protection, incident response, vulnerability management, various security technology, and applying a proactive approach to identifying and mitigating risks.

You will have excellent analytical and problem-solving skills; be proactive, with the ability to work autonomously, with a sense of urgency and positive attitude, to prioritize and manage multiple tasks in a fast-paced environment.

You will also have strong written and verbal communication skills, along with a proven ability to build and manage relationships with different stakeholders and collaborate effectively with cross-functional teams In this role you will need to help developers, operations teams and internal users understand the importance of good security practices when building, maintaining and using our product and systems.

Responsibilities

• Develop and implement security policies, procedures, and standards to safeguard the organisation's systems, AWS cloud infrastructure, and data aligned with our Information Security Strategy and Roadmap.
• Key member of the response team in the event of information security incidents and breaches.
• Conduct regular security assessments (e.g. threat modelling, architecture reviews etc.) and vulnerability scans to identify and address potential risks and weaknesses and to ensure compliance with relevant industry standards and regulations.
• Design, configure and maintain security solutions like XDR, CNAPP, SIEM, AWS Security Features, Identity and Access Management, MDM, SASE etc. to protect against threats like malware, ransomware, and unauthorised access as well as to monitor and analyse security logs and alerts to detect security risks and respond to security incidents in a timely manner.
• Collaborate with our Cloud Platform, Engineering Group and People teams on security controls and implementing best practice across Infrastructure Operations, Application Development and People provisioning/deprovisioning.
• Collaborate, coach, and assist teams in solving security issues in a manner that complies with business requirements and to ensure cybersecurity best practices are integrated across the organisation and are aligned to relevant information security standards and regulations.
• Stay abreast of emerging threats, vulnerabilities and security trends and advancements to continually enhance the organisation's security posture.
• Participate in security audits and compliance assessments to ensure adherence to regulatory requirements and industry standards.
• Able to work after hours and be on call periodically for large / critical system configuration and migration work.
• Will have made a point of automating as much of your job as possible through scripting and tools, so as to focus on the truly important tasks

In a Previous Life You Have:

• A bachelor's degree in Computer Science, Cyber Security, Information Technology, or related field is desirable, but not mandatory.
• A minimum of 5 years of experience in cloud-centric information security roles ( ideally with AWS), with a focus on security operations, vulnerability management, or incident response.
• Advanced understanding of security principles, protocols, cryptography, and cloud security concepts and technologies.
• Advanced understanding of secure software architecture practices and Dev Sec Ops practices.
• Advanced understanding of Identity Management and Access Control
• Proficiency in setting up and administering security tools and technologies such as firewalls, WAFs, intrusion detection/prevention systems , endpoint security solutions, and SIEM/SOAR platforms.
• Advanced understanding of security frameworks and methodologies - OWASP Top 10, MITRE ATT&CK, Cyber Kill Chain, etc.
• Proficient in scripting with Bash and/or Python to automate SOC processes.
• Familiarity with security frameworks and standards such as NIST, ISO 27001, SOC 2 or similar.
• Industry certifications such as CISSP, CISM, or GIAC.
• Experienced in fast-paced, cross-functional teams, utilising agile methodologies with strong communication skills.

Department Engineering Locations Philippines, Indonesia Remote status Fully Remote

Job ID r Fdquz4k O0jo