Cloud Security Engineer
AppspaceFull Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Candidates should possess 5-7 years of experience in product security, cloud security engineering, or a related field. A strong understanding of Google Cloud Platform (GCP) services and security best practices, including IAM, networking, data protection, and workload runtimes, is essential. Hands-on experience with penetration testing coordination, threat modeling, and risk assessment is required, along with proficiency in Infrastructure-as-Code tools like Terraform and CI/CD integrations. Familiarity with designing and enforcing least-privilege IAM and conducting access reviews is necessary, as is the ability to clearly communicate security risks and recommendations to engineering and leadership audiences. Preferred qualifications include professional certifications such as GCP Professional Cloud Security Engineer, OSCP, or CISSP, experience building reusable security guardrails and automation at scale, and familiarity with Kubernetes (GKE) and container security.
The Senior Product Security Engineer will lead product and cloud security by embedding into engineering workflows and acting as the subject matter expert for GCP. This involves running security architecture reviews for product features and the GCP environment, leading threat modeling, and owning penetration testing engagements from scoping to remediation. The role also includes designing and enforcing least-privilege IAM in GCP, building security guardrails through policy and infrastructure-as-code, and ensuring security issues are triaged, tracked, and resolved. Responsibilities extend to providing enablement and mentorship for engineers, creating practical documentation and runbooks, and reporting progress and risks with metrics to security leadership. The engineer will also mentor other engineers and code owners on secure-by-default coding and architecture best practices.
Subscription service for custom children's clothing
Dopple is a subscription service that curates custom wardrobes for children, focusing on providing unique and stylish clothing options. The service operates by delivering regular shipments of clothing tailored to the individual tastes and needs of each child, based on information provided by parents and data collected from their interactions with the service. This personalized approach makes shopping exciting, as each delivery offers a surprise element. Dopple partners with a variety of brands, including both well-known names and emerging designers, to ensure a diverse selection of high-quality clothing. Unlike many competitors, Dopple emphasizes a community experience through their "dopplegang," fostering customer engagement and loyalty. The company's goal is to enhance the shopping experience for parents while providing children with fashionable clothing, with plans to expand internationally in the future.