At BandLab Technologies, we are committed to delivering innovative solutions that prioritize security and user trust. As we expand our product offerings, we recognize the critical importance of safeguarding our cloud infrastructure. We are seeking a Cloud Security Engineer to join our backend team and lead our cloud security initiatives.
In this role, you will focus exclusively on securing our products and development processes, ensuring they remain resilient against evolving security threats. This is not an IT security role; it does not involve managing organizational devices, corporate accounts, or office networks. Instead, you will contribute to impactful projects that protect the core of our business, working within a collaborative environment that values innovation, knowledge-sharing, and professional growth. If you’re ready to make a tangible difference and grow alongside a supportive team, we’d love to hear from you.
Key Responsibilities
Security risk management
- Identify and assess security risks and vulnerabilities across our multi-cloud environments (AWS, Azure, GCP).
- Develop and implement strategies to mitigate identified risks.
Security enhancement projects
- Plan, coordinate, and execute security enhancement projects from initiation to completion.
- Collaborate with engineering teams to integrate security best practices into the development lifecycle.
Infrastructure security
- Utilize Infrastructure as Code (IaC) methodologies to design and maintain secure cloud infrastructure.
- Develop tools and procedures for managing permissions and access controls.
Vulnerability management
- Conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
- Perform penetration testing and configuration assessments to identify security weaknesses.
- Review vulnerability reports and guide remediation efforts.
Incident response
- Monitor systems for security breaches and respond to incidents promptly.
- Configure and manage Security Information and Event Management (SIEM) systems.
- Develop strategies to prevent future security incidents.
Compliance and documentation
- Ensure adherence to relevant security regulations and standards.
- Maintain and update security policies and procedures.
- Prepare for and facilitate security audits.
Required Skills, Knowledge and Expertise
Experience
Minimum of 3 years in cloud security roles, with hands-on experience in architecting and implementing security solutions in at least one major cloud provider environment.
Analytical skills
Ability to define risks, identify threats, and develop actionable mitigation plans.
Adaptability
Comfortable working with various tech stacks and tools.
Technical proficiency
- Strong understanding of networking, client-server communication, and authentication protocols (e.g., OAuth/OpenID, SAML, SSO).
- Proficiency in Infrastructure as Code (IaC) tools and methodologies.
- Programming skills in languages such as Python, JavaScript/TypeScript, Java, C#, or Go.
- Experience with cloud monitoring and logging tools like Azure Log Analytics (Kusto), Google BigQuery (SQL), or AWS CloudWatch Logs Insights.
- Experience with serverless architectures and related technologies.
- Familiarity with containerization and orchestration tools, such as Kubernetes.
- Knowledge of cloud-native security services like AWS GuardDuty, Microsoft Defender, or GCP Security Command Center, Wazuh.
