Security Cloud Engineer
- Worldwide
Finalis is building the largest investment banking platform in the world.
We deliver a one-stop-shop to engage with and drive results for independent M&A advisories, placement agencies, and boutique investment banks. Finalis provides a network for them to synergistically collaborate with each other. We are replacing a fragmented and rigid infrastructure with a unified and customizable white-labeled platform that enables the next generation of dealmakers to win and close more deals.
Join us in disrupting the securities industry, for good.
As Finalis continues to rapidly grow, we seek to bring on a skilled Security Cloud Engineer. Be part of the team harnessing the full power of the cloud to create extraordinary new value for the world 's leading organizations. From architecture professionals, data security specialists to software developers, you'll join the best in the industry, leveraging agile methodologies across the technology stack to drive 360˚ value for clients.
Job Responsibilities:
-
Participate in compliance enforcing security standards such as SOC2 and ISO 27001.
-
Contribute to design the infrastructure architecture and suggest recommendations on security aspects. Contribute to threat modeling and attack surface analysis.
-
Assess security risks and their impact on applications and infrastructure using tools such as Nessus, Burp Suite, NMAP, OWASP ZAP, etc.
-
Monitor and analyze system alerts to identify and block malicious behavior and activities.
-
Execute incident response plans, identify root cause and drive mitigations to prevent future incidents.
-
Document all actions taken as part of the investigation, such as work instructions.
-
Continuously improve processes through automation and creation of tools using Python, Go or similar.
-
Generate vulnerability, configuration, and coverage metrics and reports to demonstrate assessment coverage and remediation effectiveness for systems and infrastructure.
-
Assist with the development of processes and procedures to improve threat and vulnerability management and security center operations
-
Educate and advocate for improved security throughout the data ecosystem.
-
Hardening Cloud infrastructure.
-
Generate security incident reports, security assessment reports, security procedures.
Required skills:
-
Hands-on experience hardening cloud servers, Docker Containers, and K8S.
-
Knowledge of OWASP application security standards, CIS Benchmarks, etc.
-
Experience in planning and testing for business continuity and disaster recovery
-
Experience with network and endpoint security tools such as EDR, IDS, SIEM, WAF.
-
Experience using AWS security tools.
-
Understand vulnerability assessments and experience in red teaming and penetration testing used to identify weaknesses and mitigations.
-
Security Event Management: Triage, analysis and response activities.
-
Knowledge of scripting languages such as bash, Python, GO, etc.
-
Excellent communication skills (written and verbal) as well as comfort and experience in delivering presentations.
-
Ability to quickly adapt to changing priorities, demands, and timelines through analytical and problem-solving capabilities.
Education:
-
Graduated and/or student of careers related to Systems.
-
Security related certification such as CEH, CISM, CCSS, CCCA, CCCS, CompTIA Security+, CISSP, GSEC etc. (Desirable)
-
AWS Infrastructure Certifications Desirable: AWS Solution Architect, AWS Security Specialist. (Desirable)
-
A minimum of 3 years of experience.
Benefits:
-
Competitive USD salary
-
Flexible working hours
-
100% Remote work
-
Generous paid vacation
-
Personal growth budget
-
Inclusive and diverse environment to develop your skills at its maximum potential
-
Focus on your career growth
-
Enriching learning and development opportunities