Cloud Security Engineer
Melbourne, FL, USA · Highbridge, UK
Posted on Thursday, June 8, 2023
At Zeller, we’re champions for businesses of all sizes, and proud to be a fast-growing Australian scale-up taking on the ambitious goal of reimagining business banking and payments.
We believe in a level playing field, where all businesses benefit from access to smarter payments and financial services solutions that accelerate their cash flow, help them get paid faster, and give them a better understanding of their finances. So we’re hard at work building the tools to make it happen.
Zeller is growing fast, backed by leading VCs, and brings together a global team of passionate payment and tech industry professionals. With an exciting roadmap of innovative new products under development, we are building a high performing team to take on the outdated banking solutions. If you are passionate about innovation, thrive in fast-paced environments, embrace a challenge, hate bureaucracy, and can’t think of anything more exciting than disrupting the status-quo, then read on to learn more.
About the role
As a Cloud Security Engineer you will play a critical role in safeguarding our AWS-based systems and ensuring the highest level of security of our infrastructure.
Working alongside a collaborative and passionate team you will be responsible for process automation, designing, developing and maintaining AWS cloud and services related to network, backup, content delivery, vulnerability scanning, config management and application security.
With automation being at the heart of our engineering principles, you will have the enviable opportunity to adopt and promote best practises, collaborating with a cross-disciplinary team to support product development, operations support, compliance activities and SLA upkeep requirements.
Your responsibilities will include:
- Conducting penetration testing and vulnerability assessments on AWS-based systems, applications and networks to identify security weaknesses and potential risks.
- Collaborating with cross-functional teams to address security vulnerabilities and recommending appropriate mitigation strategies.
- Designing, implementing and maintaining security controls for AWS services, including Identity and Access Management (IAM), Virtual Private Cloud (VPC), Security Groups, and Network Access Control Lists (NACLs).
- Monitoring and analysis of security logs and alerts from AWS services and taking appropriate actions to mitigate potential threats.
- Staying up-to-date with the latest AWS security threats and best practices, and proactively implementing necessary countermeasures.
- Providing guidance and support to other teams regarding secure AWS development practices, security guidelines, and threat mitigation techniques.
- Documenting security processes, procedures, and guidelines, and contribute to the development of security policies and standards specific to AWS.
What we are looking for
- Proven experience as an AWS Security Engineer or related role with a focus on penetration testing in an AWS environment.
- In-depth knowledge of AWS services, architecture, and security best practices, including IAM, VPC, AWS Config, AWS CloudTrail, AWS WAF, etc.
- Hands-on experience with penetration testing tools and frameworks applied to AWS environments.
- Strong understanding of common web application vulnerabilities (e.g., OWASP Top 10), network protocols, and security technologies.
- Familiarity with security frameworks and standards, such as NIST Cybersecurity Framework, ISO 27001, and PCI DSS, as applied to AWS environments.
- Experience with scripting and automation using languages like Python, PowerShell, or Bash, with a focus on AWS CLI and SDKs.
- Excellent communication and collaboration skills, with the ability to present complex security concepts to non-technical stakeholders.
- AWS Certified Solutions Architect - Associate or higher certification level
- Experience working within a high-growth environment
- Security professional certifications (AWS Advanced Sec Specialist, CISSP etc.)
- Experience in other cloud platforms (Azure, Google)
- Experience with PCI compliant environments (PCI-DSS, etc)
How we work
Our team thrives on the energy of being together. While technology connects us virtually, we love the in-person collaboration and spend majority of our work week at our spacious (and fully stocked with snacks) Melbourne CBD office.
Like the rest of the team, you’ll benefit from
A competitive salary package, including equity from an early stage;
A balanced, progressive, and supportive work environment;
Excellent parental leave and other leave entitlements;
A fantastic office environment;
Endless learning and development opportunities;
Plenty of fun and social opportunities - we love to come together as a team;
An ability to influence and shape the future of Zeller as our company scales both domestically and globally;
Being part of one of Australia’s most exciting scale-ups.
At Zeller, we are looking for passionate people with drive and integrity. You are encouraged to apply even if your experience doesn’t exactly match this job description.