The Role

At FrankieOne, where we revolutionise identity verification and onboarding to be swift, seamless, and scalable, your role as a Senior Cloud Cybersecurity Engineer is crucial. You'll be at the heart of ensuring that our platform and supporting infrastructure is well protected against external threats, is secure by design and that high levels of general security awareness is maintained throughout the organisation.

We are seeking an experienced Senior Cloud Cybersecurity Engineer to enhance and maintain the security posture of our organization. The ideal candidate will have a strong technical background in cloud-based cybersecurity (ideally deep AWS experience) across cloud service, tools and application security, a proactive approach to identifying and mitigating risks, and the ability to collaborate effectively with cross-functional teams. This role offers an exciting opportunity to play a key role in shaping the security strategy of a growing startup.

Reporting to the CISO, the Senior Cloud Cybersecurity Engineer will be responsible for multiple key aspects of the security operations and cloud architecture, enhancing threat detection capabilities and incident response, vulnerabilities management and identity and access management. You'll play a critical role in protecting our customer and employee data, achieving our security objectives, and implementing robust security controls to ensure the resilience of our platform and systems.

Your Ticket to Success:

Be an advocate. For FrankieOne, for the product, for our people, and for our values.

You have deep experience working with cloud platforms, ideally AWS, but Azure or GCP experience will serve you well too.

You will have excellent analytical and problem-solving skills; be proactive, with the ability to work autonomously, with a sense of urgency and positive attitude, to prioritize and manage multiple tasks in a fast-paced environment.

You will also have strong written and verbal communication skills, along with a proven ability to build and manage relationships with different stakeholders. In this role you will need to help developers, operations teams and internal users understand the importance of good security practices when building, maintaining and using our product and systems.

Responsibilities

• Develop and implement security policies, procedures, and standards to safeguard the organisation's systems, AWS cloud infrastructure, and data aligned with our Information Security Strategy and Roadmap.
• Key member of the response team in the event of information security incidents and breaches.
• Conduct regular security assessments (e.g. threat modelling, architecture reviews etc.) and vulnerability scans to identify and address potential risks and weaknesses and to ensure compliance with relevant industry standards and regulations.
• Design, configure and maintain security solutions like XDR, CNAPP, SIEM, AWS Security Features, Identity and Access Management, MDM, SASE etc. to protect against threats like malware, ransomware, and unauthorised access as well as to monitor and analyse security logs and alerts to detect security risks and respond to security incidents in a timely manner.
• Collaborate with our Cloud Platform, Engineering Group and People teams on security controls and implementing best practice across Infrastructure Operations, Application Development and People provisioning/deprovisioning.
• Collaborate, coach, and assist teams in solving security issues in a manner that complies with business requirements and to ensure cybersecurity best practices are integrated across the organisation and are aligned to relevant information security standards and regulations.
• Stay abreast of emerging threats, vulnerabilities and security trends and advancements to continually enhance the organisation's security posture.
• Participate in security audits and compliance assessments to ensure adherence to regulatory requirements and industry standards.
• Able to work after hours and be on call periodically for large / critical system configuration and migration work.
• Will have made a point of automating as much of your job as possible through scripting and tools, so as to focus on the truly important tasks

In a Previous Life You Have:

• A bachelor's degree in Computer Science, Cyber Security, Information Technology, or related field is desirable, but not mandatory.
• A minimum of 5 years of experience in cloud-centric information security roles (again, ideally with AWS), with a focus on security operations, vulnerability management, or incident response.
• Advanced understanding of security principles, protocols, cryptography, and cloud security concepts and technologies
• You will have set up and managed AWS security tools such as Security Hub, Config, CloudTrail, Inspector, Guard Duty, etc
• Advanced understanding of secure software architecture practices and DevSecOps methodologies
• Advanced understanding of Identity Management and Access Control
• Proficiency in setting up and administering security tools and technologies such as firewalls (e.g. iptables, ipf, Fortinet), WAFs (e.g. Cloudflare, AWS), intrusion detection/prevention systems (e.g. OSSEC, Tripwire), endpoint security solutions (e.g. Crowdstrike, CarbonBlack) , and SIEM/SOAR platforms (e.g. Datadog, SumoLogic).
• Advanced understanding of security frameworks and methodologies — OWASP Top 10, MITRE ATT&CK, Cyber Kill Chain, etc
• Proficient in scripting with Bash and/or Python to automate SOC processes.
• Familiarity with security frameworks and standards such as NIST, ISO 27001, SOC 2 or similar
• Industry certifications such as CISSP, CISM, or GIAC.
• Experienced in fast-paced, cross-functional teams, utilising agile methodologies (Scrum, Kanban) with strong communication skills.

Department

Engineering

Locations

Philippines, Indonesia

Remote status

Fully Remote

Already working at FrankieOne?

Let’s recruit together and find your next colleague.