Cloud Security Engineer

Location: Bucharest, Romania

Department: Information Security

About the job

The world’s most critical--and at-risk--business applications have been neglected for far too long. Onapsis eliminates this blind spot by providing cybersecurity solutions dedicated to business-critical applications. Whether running on-premises, in the cloud, or in a hybrid environment, Onapsis helps nearly 30% of the Forbes Global 100 understand the threats and risks across their SAP and Oracle landscapes. 

What you will be doing, your legacy: 

Key activities and responsibilities:

• Cloud Security Governance: Define, implement, and maintain cloud security governance frameworks, ensuring policies, standards, and controls are consistently applied across all cloud environments.
• Security Architecture Implementation: Design, develop, and implement security architectures and processes for the cloud.
• Security Tool Deployment: Recommend and install appropriate tools and countermeasures to protect cloud environments.
• Vulnerability and Risk Assessment: Coordinate and perform vulnerability testing, risk analysis, and security assessments on cloud environments.
• Incident Response Collaboration: Work together with the SOC Team to define the cloud security incident response plan and analyze cloud security breaches to determine root causes.
• Standards and Guidelines Development: Develop and publish Cloud Security standards, guidelines, and recommendations based on best practices and compliance requirements to stakeholders, and IT departments.
• Training and Awareness: Train fellow employees in cloud security awareness, procedures, and best practices.
• Cloud Security Research: Continuously research the latest cloud security trends to keep the organization updated.

Requirements:

• 3+ years of technical experience establishing and implementing security best practices in cloud environments, including AWS, GCP, and Azure.
• Hands-on experience using cloud-native security tools, such as Cloud IAM, Threat Intelligence, Audit Logs, etc, to monitor, detect, and respond to security threats.
• Solid understanding of network and security protocols, including TCP/IP, SSL/TLS, IPSec, DNS, and routing concepts.
• Knowledge of Infrastructure as Code (Terraform) and/or Containers Orchestration (Docker & Kubernetes).
• Practical experience automating security tasks using languages like Python.
• English proficiency to effectively communicate in a global, cross-functional team.
• Strong analytical thinking, attention to detail, and eagerness to learn in a dynamic security environment.

Desired skills or interests in:

• Practical experience working in an agile environment, with the ability to adapt to dynamic priorities and deliver results in fast-paced settings.
• Knowledge of information security standards such as ISO 27001, NIST 800-53, and CIS Critical Security Controls, with a strong understanding of related principles for risk identification and security analysis.
• Experience with identifying and resolving network-related issues.
• Relevant certifications in cloud environments. security, and networking.

What we offer: 

• A role in shaping the future of protecting the most critical applications that run the world's business and a career that grows as the company grows.
• A unique culture of high achievement and teamwork.
• Supportive and humble colleagues are the space's top problem solvers and innovators.
• Financial security through competitive compensation and incentives.

Onapsis established a new development center in Bucharest. This is a hybrid role, so candidates must be commutable to Bucharest. 

Please note that the role is available exclusively under an employment contract (CIM), with no B2B option offered.

About Onapsis:

Onapsis protects the business applications that run the global economy. The Onapsis Platform delivers vulnerability management, change assurance, and continuous compliance for business applications from leading vendors such as SAP, Oracle, and others. The Onapsis Platform is powered by the Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 1,000 zero-day vulnerabilities in business applications.

Onapsis is headquartered in Boston, MA, with offices in Heidelberg, Germany and Buenos Aires, Argentina, and proudly serves hundreds of the world’s leading brands, including close to 30% of the Forbes Global 100, six of the top 10 automotive companies, five of the top 10 chemical companies, four of the top 10 technology companies, and three of the top 10 oil and gas companies.

For more information, connect with Onapsis on LinkedIn or visit https://www.onapsis.com.

#LI-AC1

#Hybrid