x
f e o d o r

Development

Cloud Security Engineer

Cyprus

Send Resume

Your role at Feodor.

Feodor team is the developer of a payment aggregator for B2B clients in the Forex industry, developing and improving the protection of payment methods. Technology startup since 2022. Businesses can accept payments from their customers in different regions through our crypto and fiat payment solutions.

IT is a large part of the company, the structure in it (as well as the company as a whole) is flat, and all teams are equal.

We currently have two dev teams and one DevOps team that provides service for all dev teams. Dev teams are cross-functional. They have all the necessary specialists to bring the task from idea to production (analyst, QA, developers).

Our technology stack:

  • Development: Python, PostgreSQL, React, Node.js
  • DB: Google CloudSQL (PG)
  • Infrastructure: Google Cloud Platform (GKE, GCE, GCS, Pub-Sub, etc.)
  • Containerization: Containerd
  • Orchestration: Kubernetes (GKE)
  • VCS/CICD: Gitlab, Gitlab CI, FluxCD
  • Secret storage: Hashicorp Vault, GCP KMS
  • Docker Registry: Google Artefact Storages
  • IaC: Hashicorp Terraform, Ansible
  • Monitoring and Logs: Prometheus + Thanos, Grafana, Loki, Sentry
  • Service Mesh: Istio
  • LB: Google Cloud LB
  • WAF: Google Cloud Armor

You will be.

Develop protocols that help all team members stay on top of their security needs. Create policies that ensure all systems follow regulatory security standards and compliance. Supplement Cloud monitoring tool(s) by adding new capabilities, security checks, and automation using the tool's extension capabilities and the SDK/API

Provide threat modeling and risk assessment services to characterize various systems and components' risk and severity posture in the Cloud environment. Run Cloud Continuous Monitoring reporting/metrics governing all security compliance/hygiene issues across the cloud ecosystem.

We currently have two dev teams and one DevOps team that provides service for all dev teams. Dev teams are cross-functional. They have all the necessary specialists to bring the task from idea to production (analyst, QA, developers).

Develop and Deploy security guardrails through reusable patterns using standardized development frameworks

Run and operate Breach and Attack Simulation (BAS) platform(s) to continually simulate, validate, and remediate potential attackers' paths to critical Cloud assets. Vulnerability and Threat Management (VTM) - Monitoring and Assessment in the container space.

Collect security-related operational metrics through automation and increase security visibility across the organization; measure the coverage and effectiveness of security tools; transparency over the security state of the Cloud.

The Ideal Candidate.

  • Technical / Hard Skill
  • Communicating risk in a nuanced manner to inform business decisions
  • Deep knowledge of networking, infrastructure, and applications from a DevOps perspective with a security focus
  • A polyglot technologist with the ability to quickly learn, adapt and use different technologies, including but not limited to Cloud platforms and protective monitoring
  • Broad knowledge of security control techniques and how they can be applied in a traditional IT environment as well as cloud-based systems
  • In-depth understanding of the methods of technical attack and how these can be detected in a digital environment
  • Ability to assess and analyze a wide range of information to conclude how to improve the security of our systems
  • Knowledge of information security concepts and of current and emerging IT security, data protection, and information risk principles and technologies.
  • Knowledge of security monitoring, prevention, and control systems, including anti-virus, web proxies, and security software.
  • Core network protocols and services (TCP/IP, DNS, DHCP)

Nice to Have:

  • Experience with Hashicorp Vault;
  • Deploying and supporting cloud-based applications that are scalable, resilient, and highly available
  • Bespoke software development and build/deployment automation
  • Soft Skills
  • Challenge seeker and Fast learner
  • A motivated, open-minded person, team player with good communication skills
  • Working well autonomously, without close supervision
  • At least an Intermediate level of English

What we offer.

  • Reasonably priced and attractive package (competitive salary based on your expectations and internal performance) with the possibility of relocating to Cyprus;
  • Company car – the company will provide those moving with cars and parking near the office;
  • We'll pay school or kindergarten fees (Annual Registration or Tuition Fees, Regular term fees, Half day service to kindergartens) for your children between 0 years - 18 years, up to three (3) children;
  • L&D - support your need to replenish your knowledge and acquire new skills to do your job better via Continuous product education, Professional training & Certifications, Soft skill training, Language classes ;
  • Sports Benefits - Free Sanctum Club Membership for you and your spouse. Jet Skis (if you have a speed boat operator license) ;
  • Medical - Besides having a Corporate Doctor, we cooperate with one of the biggest international insurance companies to provide medical insurance for you and your families. Coverage is provided for you, your spouse, and your children up to 18 years old. It includes Inpatient,
  • Outpatient, and international support.
Send Resume