General

Cloud Security Engineer

Remote   |   Full Time

Working at Thinking Machines

Thinking Machines is a data science startup. Our vision is for the Philippines to become a global hub for data science. To do that, we create data science cultures, one organization at a time. We’re a company made up of intellectually curious, civic-minded, forever-learning individuals. We believe that great data science products are built with care for people and that the best way to drive inclusive innovation is to start with a diverse team.

Our field of work is incredibly dynamic, so we want to work with people who are committed to growing with us. We want to hire people who can demonstrate an ability to learn, then provide them with personalized coaching, growth opportunities, and a great working environment to bring their skills to the next level and develop world-class talent.


Role Description

As a data science consultancy, we regularly deal with tons of data from clients in various industries. Some of this data is more sensitive than others, which means a greater risk when this data is being stored and transmitted. As a Cloud Security Engineer , it’s your duty to ensure that each project meets the appropriate level of digital security required for the nature of its data and infrastructure. This means providing advice for cloud architecture, network configuration and monitoring, and enabling the proper management of secrets, among other responsibilities. This also entails facilitating periodic audits of code and application security at certain points in the project lifecycle.


We also have many employees communicating via various channels and collaborating remotely using multiple tools. It’s your responsibility to make sure that these channels, tools, and integrations meet our privacy and security standards. This means vetting new applications and adjusting to any changes to existing ones.


The world of digital security is ever-changing, and it’s your job to stay updated with the latest best practices and vulnerabilities. You should identify any weaknesses in our extant or upcoming systems and formulate plans to address them in a timely manner. You should also create and disseminate new policies as you see fit, dissolve outdated policies, and educate new and existing employees about how to protect themselves from malicious actors in cyberspace.


Lastly, you should help build and maintain our suite of in-house security monitoring tools that helps us respond to any incidents flagged in real time. You must also proactively and continuously monitor and hunt for potential threats and breaches, creating rules and alerts to detect insecure configurations and malicious activity. You are expected to know how to write code and clear documentation to make it easier to monitor compliance (your job) and comply with security policies (your colleagues’ jobs).


Your day-to-day tasks may look something like this:

  • Respond to incident alerts and coordinate with the relevant engineers to address them

  • Review technical proposals for possible lapses in security

  • Audit a project’s codebase for application security

  • Assist your teammates with setting up secret management, firewall rules, etc. and monitoring that secure configuration is maintained

  • Review requests to integrate services into tools like Slack and GitHub

  • Manage and monitor access control to various services and credentials, including IAM and groups.

  • Draft, update, document, disseminate, and deprecate security protocols

  • Conduct a digital security onboarding session for new employees

  • Write or improve code for monitoring and compliance tools

  • Create mechanisms to alert upon detection of any security threats or infrastructure misconfiguration

  • Read up on news and developments in digital security

Requirements

We are looking for someone who has the following traits:

  • Eye for detail - Should be able to detect security gaps in architectures and their implementation

  • Thorough - Should be able to review technical documents from cover to cover and follow through with any security incidents

  • Process-oriented - Must be able to design and implement security processes and protocols with minimal supervision

  • Pragmatic - Should be able to weigh risks against mitigation efforts and prioritize focus as necessary

  • Proactive - Must have the initiative to pinpoint areas for improvement and look for hidden vulnerabilities

  • Independent learner - Must be capable of learning new tech stacks as necessary to know potential risks and secure configurations

Qualifications and competencies

  • Strong grasp of networking principles, protocols, and best practices

  • Strong grasp of cryptographic algorithms, tools, and best practices

  • Can set up new tools for monitoring and compliance

  • Can build in-house tools from scratch (shell scripts, Python, etc.)

  • Solid written and verbal communication skills, capable of writing clear documentation for security protocols and reports


High preference for candidates that have:

  • Familiarity with common security standards and compliance checklists

  • Experience with cloud security platforms (e.g. GCP Security Command Center)

  • Certifications for cloud security engineering or similar topics

  • Experience with purging secrets from git repositories

Benefits and Perks

We offer the following compensation and benefits:

  • Competitive salary — the compensation amount is positively correlated with the difficulty of the job, relevant experience, fit, and skill factors.

  • Fully remote — due to the global pandemic, we have shifted to a fully remote company for the foreseeable future while we monitor the situation.

  • Individual professional development budget— an annual budget for conferences, training courses, books, and software is available to sharpen your skills and build new ones to help you grow in your role.

  • Full health benefits — generous health insurance package

Submit Your Application

You have successfully applied
  • You have errors in applying
Other Portfolio Samples
If you have other portfolio samples you'd like to share, you can upload them here

References

First Contact Questions