Requirements 7+ years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure. AWS Security, CISSP, CISA, OSCP, or other information security certification. Experience in performing security reviews of cloud application designs, source code, and deployments. Knowledge and staying up to date on the latest cloud security advisories, alerts, and vulnerabilities. Knowledge of Rapid7, InsightVM, and Appsec products. Strong verbal and written communication skills for a highly collaborative environment. Rigorous attention to detail and focus on the quality of deliverables. Expertise in AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM. Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation. Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation. Proven team experience and comfort in a team-oriented environment. Passion for working with cloud technology and excitement for creating high-quality, secure consumer technology products. Responsibilities Enhance the security of our cloud environments across AWS, GCP, and Azure. Evaluate, review, and deploy cloud-native security tools in AWS and Azure. Monitor, configure rules, and enforce using cloud security platforms such as CNAPP, CSPM, CWPP, CASB, and CIEM. Utilize the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring. Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Determine, monitor, and maintain our security posture in collaboration with Engineering. Oversee and manage the deployment, integration, and configuration of security solutions and any enhancements to existing security solutions and the enterprise's security documents. Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle. Develop and maintain threat models for cloud environments and train engineering teams to develop attacker/risk-driven design skills. Actively partner with infrastructure, application, and other stakeholders to ensure deployed solutions minimize security and privacy risks. Familiarity with EDR in the cloud to further develop and maintain our detection and response capabilities. Required Languages English Advanced 80-95% Location Remote, Colombia. #J-18808-Ljbffr