Cleafy is a SaaS company, a team of fraud hunters, cybersecurity experts, data scientists, and software engineers that since 2014 share the same dream: make technology a safer place.
Every day, we work side by side with our customers to help them safely navigate digital opportunities, while growing their business.
Cleafy has recently secured a €10 million Series A capital raise from United Ventures to fund its international expansion.
Job Description:
We are looking for a highly skilled Security Engineer to join our Security & Compliance team. The ideal candidate will possess a strong technical background, particularly in cloud security technology.
You will be responsible for implementing, managing, and monitoring security measures to protect our cloud infrastructure, network, systems, and data.
Responsibilities:
- Implement, maintain and monitor robust security measures within the cloud, particularly on Google Cloud Platform (GCP).
- Implement, maintain and monitor security controls within CI/CD pipelines (Bitbucket, Terraform, Jenkins), and assist in the SSDLC process (Threat Modelling, SAST, DAST, SCA).
- Conduct regular security assessments. Implement strategies to mitigate identified threats and vulnerabilities.
- Harden endpoint devices, particularly Macs, by implementing appropriate security configurations and controls (CIS).
- Monitor and respond to security incidents and alerts as L2, ensuring timely resolution and minimal impact.
- Work closely with IT and Engineering teams to ensure applications and systems are securely designed and implemented.
- Assist in the creation and maintenance of security documentation and reports.
- Effectively communicate security concepts and solutions to both technical and non-technical stakeholders.
- BS/MS in Computer Science, Information Security, or a related field.
- 3 to 5 years of experience as a Security Engineer or in a similar role.
- Strong knowledge of cloud providers, specifically Google Cloud Platform (GCP).
- Hands-on experience with firewalls, IDS/IPS, SIEM, XDR and other cloud security tools.
- Experience in endpoint device hardening, particularly for Mac environments.
- Proficiency in scripting languages (e.g., Python, Bash) for automation.
- Experience with securing CI/CD pipelines and implementing security within the SSDLC process.
- Knowledge of threat and vulnerability management practices, including conducting assessments and implementing mitigation strategies.
- Familiarity with regulatory requirements and industry standards (e.g., ISO27001, SOC2).
- Excellent problem-solving skills and attention to detail.
- Strong communication and teamwork abilities, with the capacity to explain security concepts to both technical and non-technical stakeholders.
Plus:
- Relevant certifications such as Security+, Google Professional Cloud Security Engineer, Certified DevSecOps Professional, etc.
- Background as Penetration Tester/Red Team.
- Hybrid or remote job. You choose!
- Attractive packages based on skills and experience
- International environment with significant challenges to be met every day
- Personalized support to accelerate your professional growth
- Latest technologies and being encouraged to bring your flair to the role
Working at Cleafy means being part of a group of people that support, respect, and inspire one another, no matter what.
That's why we have been certified by Great Place to Work® (find our page on bit.ly/BestWorkplace-Cleafy).
We are literally changing the status quo in fighting online fraud, and we need great people for that.
Do you have what it takes to be part of the Cleafy family?