Cloud Security Engineer

About the job

The world’s most critical--and at-risk--business applications have been neglected for far too long. Onapsis eliminates this blind spot by providing cybersecurity solutions dedicated to business-critical applications. Whether running on-premises, in the cloud, or in a hybrid environment, Onapsis helps nearly 30% of the Forbes Global 100 understand the threats and risks across their SAP and Oracle landscapes. 

What you will be doing, your legacy: 

Key activities and responsibilities:

• Cloud Security Governance: Define, implement, and maintain cloud security governance frameworks, ensuring policies, standards, and controls are consistently applied across all cloud environments.
• Security Architecture Implementation: Design, develop, and implement security architectures and processes for the cloud.
• Security Tool Deployment: Recommend and install appropriate tools and countermeasures to protect cloud environments.
• Vulnerability and Risk Assessment: Coordinate and perform vulnerability testing, risk analysis, and security assessments on cloud environments.
• Incident Response Collaboration: Work together with the SOC Team to define the cloud security incident response plan and analyze cloud security breaches to determine root causes.
• Standards and Guidelines Development: Develop and publish Cloud Security standards, guidelines, and recommendations based on best practices and compliance requirements to stakeholders, and IT departments.
• Training and Awareness: Train fellow employees in cloud security awareness, procedures, and best practices.
• Cloud Security Research: Continuously research the latest cloud security trends to keep the organization updated.

Requirements:

• 3+ years of technical experience establishing and implementing security best practices in cloud environments, including AWS, GCP, and Azure.
• Hands-on experience using cloud-native security tools, such as Cloud IAM, Threat Intelligence, Audit Logs, etc, to monitor, detect, and respond to security threats.
• Solid understanding of network and security protocols, including TCP/IP, SSL/TLS, IPSec, DNS, and routing concepts.
• Knowledge of Infrastructure as Code (Terraform) and/or Containers Orchestration (Docker & Kubernetes).
• Practical experience automating security tasks using languages like Python.
• English proficiency to effectively communicate in a global, cross-functional team.
• Strong analytical thinking, attention to detail, and eagerness to learn in a dynamic security environment.

Desired skills or interests in:

• Practical experience working in an agile environment, with the ability to adapt to dynamic priorities and deliver results in fast-paced settings.
• Knowledge of information security standards such as ISO 27001, NIST 800-53, and CIS Critical Security Controls, with a strong understanding of related principles for risk identification and security analysis.
• Experience with identifying and resolving network-related issues.
• Relevant certifications in cloud environments. security, and networking.

What we offer: 

• A role in shaping the future of protecting the most critical applications that run the world's business and a career that grows as the company grows.
• A unique culture of high achievement and teamwork.
• Supportive and humble colleagues are the space's top problem solvers and innovators.
• Financial security through competitive compensation and incentives.

Onapsis established a new development center in Bucharest. This is a hybrid role, so candidates must be commutable to Bucharest. 

Please note that the role is available exclusively under an employment contract (CIM), with no B2B option offered.

About Onapsis:

Onapsis protects th