Cloud Security Engineer

We are seeking a highly motivated and skilled Cloud Security Engineer to join our growing team. In this critical role, you will be responsible, among other things, for ensuring the security of our cloud environments and applications throughout their entire lifecycle. You will work closely with R&D, DevOps, and other teams to embed security into every stage of the development process, from design and development to deployment and operations.

Responsibilities:

• Design & implement secure cloud architectures, configurations across AWS
• Ensure compliance with relevant security standards (e.g. ISO 27001, SOC 2, GDPR).
• Participate in design & implementation of security technical controls for cloud-native services 
• Work closely with R&D, DevOps to integrate security into the software development lifecycle. Communicate security risks and recommendations effectively to both technical and non-technical audiences.
• Participate in security reviews of code, infrastructure, and designs. Advocate for and implement security best practices throughout the development process.
• Monitor cloud environments for security threats, including malware, vulnerabilities, and suspicious activity. Investigate and respond to security incidents within cloud environments.
• Implement and maintain security information and event management (SIEM) integration for cloud environments with cooperation with SecOps & InfoSec.
• Conduct regular security assessments and ownership on the penetration testing of cloud environments, applications, Infrastructure-as-Code. Implement and maintain vulnerability scanning and remediation processes.
• Experience implementing and managing CSPM and CNAPP RunTime tools to continuously monitor and assess the security posture of cloud environments.
• Open Source Security - Understand and address security risks associated with the use of open-source software. Stay informed about and mitigate vulnerabilities in open-source components.

• 2-4 years of experience in cloud security engineering or a related field.
• Strong understanding of cloud computing concepts and technologies (AWS, GCP).
• Experience with scripting languages (e.g., Python, NodeJS) automation tools.
• Knowledge of security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
• Experience with containerization technologies and orchestration platforms.
• Excellent communication and interpersonal skills.
• Strong analytical, problem-solving skills & Ability to work independently and as part of a team
• Experience with DevSecOps methodologies and tools.
• Knowledge of AI/ML concepts and their application in cybersecurity.

ActiveFence is the leading tool stack for Trust & Safety teams, worldwide. By relying on ActiveFence’s end-to-end solution, Trust & Safety teams – of all sizes – can keep users safe from the widest spectrum of online harms, unwanted content, and malicious behavior, including child safety, disinformation, fraud, hate speech, terror, nudity, and more.

Using cutting-edge AI and a team of world-class subject-matter experts to continuously collect, analyze, and contextualize data, ActiveFence ensures that in an ever-changing world, customers are always two steps ahead of bad actors. As a result, Trust & Safety teams can be proactive and provide maximum protection to users across a multitude of abuse areas, in 70+ languages.

Backed by leading Silicon Valley investors such as CRV and Norwest, ActiveFence has raised $100M to date; employs 300 people worldwide, and has contributed to the online safety of billions of users across the globe.