Senior Security Engineer
Senior Security Engineer
Aquanow, a leading infrastructure and liquidity provider that provides institutional and enterprise application platforms for digital assets, is looking for a Senior Security Engineer to join our technology team.
This is a unique opportunity to work alongside a highly-experienced team and contribute to the development of a high-growth trading and technology company.
As Aquanow grows, so does the risk surrounding its cloud footprint. The Security team is responsible for building safeguards that allow our developers to move fast while minimizing risk, maintaining a secure software supply chain, and developing secure infrastructure patterns such that our applications run safely with a reduced blast radius.
If you want to have your name in the success story of a globalizing company, we look forward to receiving your application to the winning Aquanow team!
What You’ll Do :
- Perform security assessments and audits of our infrastructure, identifying and mitigating security gaps and weaknesses.
- Partner with internal product teams to implement a secure-by-default design into their own products.
- Partner with Aquanow engineering teams to understand and resolve security incidents that arise on their services.
- Conduct in-depth security reviews of application code, working closely with developers to code securely from the outset and address issues early during coding and testing phases.
- Monitor and analyze logs, events, and metrics to identify security incidents, potential breaches, and emerging threats.
- Develop and maintain incident response plans, procedures, and playbooks for effective handling of security incidents and breaches.
- Design, implement, and maintain security measures for our cloud infrastructure, including VPCs, security groups, IAM roles, and access controls.
- Participate in the management of corporate security tools, technology and appliances to ensure they are operating effectively (e.
g. SOC, SIEM, Scanning, hardening)
Maintaining security hardening configurations and guidance for the diverse set of service available across AWS, GPC and other public cloud providers
You’ll Need to Have :
- 5+ years of Security Engineering experience preferably in AWS Cloud and at least 2 of the following areas : cloud security, web application security, incident response, threat hunting, and cyber security operations.
- Bachelor's degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered.
- Strong knowledge of security principles, best practices, and common vulnerabilities (e.g., OWASP Top 10)
- Familiar with SAST, DAST, Fuzzing, and other tools.
- Experience with Wiz, Prisma Cloud, Jira, Confluence & Terraform / CloudFormation (Infrastructure as a code)
- Experience with security technologies, such as firewalls, IDS / IPS, SIEM, DLP, antivirus, and vulnerability scanners.
- Good understanding of cloud security architecture, security assessments, audit standards for the Cloud, security threats in the cloud.
- Solid understanding of network protocols, TCP / IP, and network security concepts.
- Stay updated with the latest security trends & technologies.
We’d Love to See :
- Experience working in a regulated environment such as SOC2, HIPAA, or ISO27001
- Automation experience with AWS. Relevant certifications such as AWS Certified Security - Specialty, CISSP, CEH are highly desirable.
- Experience in a global environment covering multiple time zones.
- Passion in all things security
The Interview Process :
- Stage 1 : A 30-minute video call with the Security Manager
- Stage 2 : A 45-minutes technical deep dive with the members of the Security team
- Stage 3 : A 30-minute video call with the CTO and Co-Founder