Descripción de la oferta
Join COLIBRIX ONE - Innovating the Future of PaymentsAt COLIBRIX ONE*, we're building advanced, AI-powered payment technologies that support Payment Service Providers (PSPs), Electronic Money Institutions (EMIs), and neobanks across the EU and the UK. As a fully licensed Electronic Money Institution (FCA Reference No. 927920) and holder of a Financial Institution License issued by the MFSA, as well as a principal member of both VISA and Mastercard, we provide comprehensive, real-world financial solutions that include the following:Global card processingDigital wallet infrastructureCross-border merchant accountsAlternative payment methods (APMs)Corporate accounts for legal entitiesWe're a fast-growing team with a passion for innovation, security, and scalability. Our culture values curiosity, collaboration, and impact - and we're looking for talented professionals who are ready to shape the future of fintech.At COLIBRIX ONE, your work directly powers the digital economy. If you're eager to solve meaningful challenges and build with purpose, we'd love to hear from you.About The RoleWe are looking for a Cloud Security Engineer to join our growing security team, working directly with the CISO to build and scale the information security function. This is a hands-on engineering role where you will work closely with DevOps and infrastructure teams to embed security into our cloud-native fintech platform. The primary focus of this role is cloud and DevSecOps security, with participation in monitoring and incident response.You will own the security tooling stack, drive vulnerability management, harden cloud infrastructure, and integrate security into the software development lifecycle. This is not a passive monitoring role; we need someone who can engineer solutions, influence development culture, and take ownership of security outcomes.What You Will OwnCloud & Infrastructure SecurityHarden and maintain security across a multi-account AWS environment (IAM, VPC, EKS, RDS, S3)Implement and manage cloud security posture monitoringMaintain and extend SSO permission sets and Kubernetes RBAC configurationsManage network security controls (firewalls, VPN, security groups)Drive secrets management, including rotation policies, vault integration, and eliminating hardcoded credentialsDevSecOps & Application SecurityIntegrate SAST, DAST, and SCA scanning into CI/CD pipelinesImplement container image scanning and Kubernetes admission controlsAdd IaC security scanning to the deployment workflowConduct security reviews of infrastructure changes and architecture decisionsWork with development teams to remediate application vulnerabilitiesParticipate in threat modeling for new services and architecture changesVulnerability ManagementOwn the vulnerability management lifecycle (scanning, triage, remediation tracking)Manage penetration test findings and coordinate fixes with development teamsDefine remediation SLAs and report security posture metricsSecurity Monitoring & Incident ResponseMaintain and improve security monitoring and alerting pipelinesManage log aggregation and alert routing for critical eventsParticipate in incident response and maintain IR runbooksRequiredWhat We Are Looking For3-5 years of experience in security engineering, DevSecOps, or infrastructure/cloud securityStrong hands-on AWS experience: IAM, VPC, EKS, CloudTrail, GuardDuty, Security Hub, KMSAbility to automate security processes using Python and IaC toolsKubernetes experience: RBAC, network policies, pod security, container image securityTerraform proficiency with ability to read, write, and review IaCExperience integrating security tools into CI/CD pipelines (SAST/DAST/SCA)Practical vulnerability management experience: scanning, triage, working with developers on remediationScripting skills: Python and BashFamiliarity with SIEM platforms (ELK, Splunk, or similar)Understanding of OWASP Top 10 and common web application vulnerabilitiesFluent Russian and English languages knowledge, both written and spokenNice to HavePCI DSS knowledge or experience in a payments/fintech environmentExperience with Shodan, Censys, nmap, or similar reconnaissance and attack surface toolsPrior experience as an early security hire or building security processes from scratchExperience with FortiGate / Fortinet security productsWhat We OfferDirect impact: you are shaping the security function, not just maintaining itWork directly with the CISO with high autonomy and ownershipOpportunity to shape security architecture, tooling choices, and engineering cultureAn established infrastructure foundation with room to build and improveGrowth into a lead role as the security team scalesAs well asOpportunity to shape the future of fintech solutions within a growing companyCollaborative, horizontal team structure that values your expertise and ideasContinuous learning and development opportunities to enhance your skills and career growthCompetitive salary and benefits packageFlexible work arrangements to support work-life balanceThis position is offered within the COLIBRIX ONE. Employment will be under the appropriate legal entity based on the role and location
#J-18808-Ljbffr
