Golang Job: Cloud Security Engineer

Job added on

Company

Fourthline

Location

Barcelona - Spain

Job type

Full-Time

Golang Job Details

At Fourthline, our mission is to fight financial crime. We help protect the global financial system by verifying millions of identities for banks, neobanks, online brokers, crypto exchanges, or insurers like N26, Vivid, Trade Republic, flatexDEGIRO, Wish, Solarisbank, and more.

Having started our journey in January 2018 only, we're incredibly proud to count around 350 employees between our Amsterdam and Barcelona offices with over 50 nationalities.

Our Cloud Security Engineer will support securing the cloud infrastructure which underpins our products. We run a scalable and highly available platform on the cloud, and it requires matching security controls to ensure its safety, quality, and market edge. In other words, your work will support the security of our most critical assets!


What is it we ask from you then?

You will prototype, develop, implement, and maintain cloud-centric security solutions to protect our products and data – the personal data of users which our customers trust us to safeguard. Working side-by-side with other security engineers and platform automation engineers, the solutions you implement will be deployed to a distributed cloud platform across different environments.

You will often contribute with your creativity, ideas, and a fresh pair of eyes while you also further your knowledge the nitty-gritty details of cloud computing and security from our domain experts.

You will have the opportunity to explore multiple areas of information security when the demand is high, by supporting other members of the security team in their projects and initiatives.

We work in a Scrum-like fashion, where our goal is to deliver small improvements frequently to support big projects and initiatives. Securing our products one step at a time!

We will make sure you are given the tools, processes and technology to be a rock star in your area.


And did we define some tasks and projects around this as well then? Of course, we did!

  • You will design and prototype security controls for the cloud based on our security policies and other requirements
  • You will implement and maintain the solutions which provide security functions for the products or data hosted on our cloud environments
  • You will participate in code reviews and held internal workshops for other platform solutions to ensure they meet our security standards
  • You will be developing automation scripts, and infra as code for embedding our security standards into our cloud stack
  • You will benchmark our security controls against to CIS and continuously bring new ideas to harden the configuration and infrastructure
  • You will explore and enable the tools to help our life easier to manage, maintain, observe our cloud security exposure

"You are with us for one year from now and looking back you contributed to complete the yearly security engineering roadmap with the team, and established yourself as a knowledgeable, go-to cloud security engineer.

More importantly I'm delighted that some of those ideas came from you, some of them from the team members which you greatly contributed! Damn… that's it!" – Mustafa, Head of IT Security, during your yearly review.


Background and skills
This is not going to be your first rodeo and we think it will not be your last either! We are looking for that positive minded personality with at least 2 years of experience can chop up these hard to chew topics in eatable portions that are workable and make sense to others. But also, a person that loves to take ownership of our (IT) security, policies and procedures.

Furthermore, you HAVE:

  • Bachelor's degree ideally from the technical university
  • Ideally you come with experience as either Cloud Security Engineer / Application Security Engineer / SRE / Platform or Automation engineer / QA Engineer/ Penetration Tester / Offensive Security / Systems engineer

Practical knowledge in one or more of these areas is going to help us a lot:

  • Terraform / AWS / Kubernetes / IAM / Cryptography / SQL / C# .Net
  • CI/CD pipeline / GitOps / DevSecOps / SDLC
  • Scripting / programming languages such as Python/Ruby/Golang
  • Rest API / Mobile SDK security
  • Linux / Container security
  • Vulnerability management solutions / Threat modelling / Security architecture

Certifications in these fields are considered as additional value for us:

  • GIAC such as GCSA/GCPN/GCLD/GPCS
  • AWS or Azure Security Certification
  • Kubernetes certification

We encourage you to apply even if you don't meet 100% of the criteria listed above. We may have asked a lot? Let's have a talk how we can make you grow with us!

Our product has unique technical challenges in our fast-growing business; we can best tackle them when we have multiple voice and perspective within our diverse culture.

What do we offer?

We are growing...FAST! That means there is a lot of room for impact in a fairly new KYC market! You will get the chance to work at and add value to an international and rapidly growing scale-up that works with leading names in global FinTech, Crypto, and Trading platforms. You will get:
  • 50/50 hybrid working model
  • Remote work enablement and work from home allowance
  • 25 days of holidays to chill
  • Offices in Amsterdam and Barcelona with over 50 different nationalities
  • Workplace Experience Group to enhance the employee experience in wellbeing, CSR and D&I
  • Open Up – our partner in mental health support. Accessible to all our employees
  • Career growth opportunities
  • Free coffee, drinks, fruit & snacks always available
  • Subsidized warm lunch
  • Fourthline swag
  • Additional local benefits – these vary per country
  • Friday fun: Drinks in our very own bar, Arcade game nights, and sports activities. Do you have any ideas for our next team-building event?

At Fourthline, we believe diversity enriches our culture and inspires you to do your best work. We value your unique talents and perspectives, welcoming them into a safe and inclusive working environment, to ultimately deliver the best products to our customers and society. You're welcome here. Fourthline is for everyone.


Our hiring process is designed to be equal, fair, and transparent. We welcome people from all backgrounds, ethnicities, genders, sexual orientations, ages, abilities, religions, and experiences in life. If you're excited about this role, but your experience does not align perfectly with every qualification in the job description, we encourage you to apply anyways. You may just be the right candidate for this or other roles.