Senior Security Cloud Engineer (DevSecOps/AWS)

TL;DR

Senior Security Cloud Engineer (DevSecOps/AWS): Building and securing cloud infrastructure in AWS and GCP with an accent on automation, DevSecOps methodology, and defining security posture across data, applications, and networks. Focus on defining and implementing security incident response, improving monitoring and alerting with specific security data points, and embedding security into continuous deployment pipelines.

Location: Remote from Spain

Company

hirify.global is a pioneer in research technology (ResTech) providing a programmatic marketplace with nearly 300 million respondents in over 150 countries.

What you will do

• Define and improve the general security posture across legacy and green field resources including data, applications, and networks.
• Provide security expertise to engineering teams to ensure consistent adoption of security policies and best practices.
• Participate in the automation of software to the cloud platform and embed security into the DevSecOps methodology.
• Improve monitoring and alerting systems with specific and relevant security data points.
• Participate in an on-call rotation and assist with troubleshooting issues.
• Define and implement a Security Incident Response process/policy with regular evolution, testing, and adherence.

Requirements

• Three years or more experience in Cloud Infrastructure roles, predominantly AWS, practicing DevSecOps.
• Ability to interact comfortably with AWS via CLI and/or API.
• Proficient in managing Infrastructure exclusively with Terraform.
• Specific expertise in threat assessment, attack surface management, data security, network stack at L4 and L7, DNS, VPC security, IGW, WAF, and CloudFront.
• Experience designing and managing IAM policies, roles, and trust policies.
• Good knowledge of VPN, MFA, SAML, OAuth2, KMS, and TLS.
• Experience building and running Docker images/containers securely, including container orchestration security.
• Expertise in at least one scripting or programming language (Python, Bash, Ruby, Node, Golang, Java).

Nice to have

• AWS Certified Security Specialist.
• Hands-on experience designing and implementing security controls within GCP.
• Experience defining and operating a Security Incident Response process.
• Good knowledge of monitoring and alerting using one or more of: Graphite, Statsd, Prometheus, Grafana, OpenSearch.
• Any experience with ISO27001 certification processes.
• Offensive or defensive penetration testing experience.

Culture & Benefits

• Focus on collaboration, innovation, accountability, and caring.
• Recognized in Newsweek’s 2025 Global Top 100 Most Loved Workplaces®.
• Highly competitive compensation packages and employment benefits.
• Company has a global presence with offices in Stockholm, London, New York, New Orleans, Singapore, Tokyo, and Sydney.
• Commitment to diversity, equity, and inclusion.