Staff Cloud Security Engineer

Position Overview

• Location Type: [Not Specified]
• Job Type: Full Time
• Salary: [Not Specified]

Hi, we’re MoonPay. We’re here to onboard the world to Web3.

Why? Because we think Web3 is a unique and democratising technology. It gives people back control of their money, digital identity, data, and property like nothing else before it.

What we do We’re the leading infrastructure company in Web3. This means we offer our partners everything from payment solutions (we call them 'Ramps') to minting software for digital collectibles, like NFTs. And over 30 million people around the world now trust our products — just take a look on Trustpilot.

We’re also big on collaborations. And we've worked on stunts, drops, and partnerships with some of the world's most prestigious and forward-thinking brands.

But that’s not all. We have also built our own consumer app because we wanted to see if we could build a better Web3 account. It’s taken off in a big way, and we're working hard to continually improve it and to strive for perfection.

So whatever your background, we’re sure there’s something for you here. Come help us build the future of Web3 and digital ownership.

About the Opportunity

Our Product Security Team is a dynamic blend of proactive defenders and inquisitive problem-solvers. We're dedicated to fortifying our cloud infrastructure (GCP and AWS) through rigorous security reviews, threat modeling, and automated controls. We actively manage our cloud security posture, ensuring swift response and remediation to identified risks. We leverage cutting-edge tools like DataDog for cloud security monitoring and Terraform for secure Infrastructure as Code. Collaboration is key, as we embed security best practices throughout the infrastructure lifecycle. We are constantly researching emerging cloud threats, crafting effective mitigation strategies, and empowering our engineering teams with comprehensive training. We maintain up-to-date cloud security standards, baseline, implement Just-in-Time (JIT) access controls, and will establish and lead our cloud incident management process.

What you will do

• Perform Threat Modelling of architectural infrastructure changes and new cloud infrastructure and Kubernetes deployments in GCP and AWS.
• Design, implement, and manage robust security controls and configurations for our GCP and AWS environments.
• Develop and maintain secure Infrastructure as Code (IaC) using Terraform and tools.
• Implement, manage, and enhance Cloud Security monitoring using DataDog, including alert configuration, response procedures and not just rely on out of box (OOTB) rules.
• Implement and manage Just-in-Time (JIT) access solutions for elevated privilege access to cloud resources.
• Establish and manage the cloud incident management process and program, including leading incident response activities for cloud security events.
• Collaborate with infrastructure and development teams to integrate cloud security best practices throughout the infrastructure lifecycle.
• Research and evaluate emerging cloud security threats and vulnerabilities, and develop effective mitigation strategies.
• Develop and deliver cloud security training and awareness programs to engineering and relevant teams.
• Contribute to the development and maintenance of cloud security standards, policies, and documentation, ensuring they are up-to-date.
• Manage the future of our cloud security posture, driving continuous improvement and strategic initiatives.
• Accurately document cloud security configurations, processes, and knowledge, and effectively disseminate this information to other teams.
• Conduct vulnerability assessments and drive remediation for cloud infrastructure.
• Support requirements and evidence requested from auditors, compliance and regulators.

What you'll be working on

As part of our Cloud Security team, you'll be instrumental in designing, building, and maintaining the security of our cloud platforms (GCP & AWS). You'll conduct in-depth threat models of cloud architecture.