Senior Cloud Security Engineer
Stockholm, Sweden
Truecaller
We have identified 3.2 trillion unknown calls & helped in blocking 56 billion spam calls in 2024. Download the Truecaller app for free today for safer communication!Hej, Truecaller is calling you from Stockholm, Sweden! Ready to pick up?
Our goal is to make communication smarter, safer, and more efficient, all while building trust everywhere. We're all about bringing you smart services with a big social impact, keeping you safe from fraud, harassment, scam calls, or messages, so you can focus on the conversations that matter.
- Top 20 most downloaded apps globally, and world’s #1 caller ID and spam-blocking service for Android and iOS, with extensive AI capabilities, with more than 400 million active users per month.
- Founded in 2009 with an impressive year-on-year growth with high profitability.
- Listed on Nasdaq OMX Stockholm and is categorized as a Large Cap. Our focus on innovation, operational excellence, sustainable growth, and collaboration has resulted in consistently high profitability and strong EBITDA margins.
- A team of 400 people from ~35 different nationalities spread across our headquarters in Stockholm and offices in Bangalore, Mumbai, Gurgaon, and Tel Aviv with high ambitions.
We, at the Security team, play a critical part in Truecaller’s continuous success and mission to build trust everywhere as we handle the overall security in every domain of Truecaller. Our vision is to contribute to the development of a state-of-the-art product for our users and push the boundaries of security.
As a Senior Cloud Security Engineer at Truecaller, your role is pivotal in safeguarding our core cloud infrastructure. You will be a key member of the Security team, focusing on maintaining the highest standards of security controls for our critical systems within Google Cloud Platform (GCP). We're looking for someone passionate about solving complex infrastructure security problems through innovative engineering solutions. You'll leverage your deep understanding of cloud services, infrastructure-as-code, networking, and container security to design, implement, and manage robust security measures, ensuring the resilience and integrity of Truecaller's platform.
The impact you will create:
- Design and Secure GCP Infrastructure: Lead the design, implementation, and management of security architectures and controls specifically for our GCP infrastructure (networking, compute, storage, GKE).
- Secure Infrastructure-as-Code (IaC): Develop, implement, and enforce security best practices within our IaC (Config Connector) workflows and CI/CD pipelines to prevent vulnerabilities proactively.
- Manage GCP Security Posture: Utilize GCP-native tools (e.g., Security Command Center, Cloud Armor, VPC Service Controls, IAM) to continuously monitor, assess, and improve the security posture of our cloud environment.
- Lead Infrastructure Vulnerability Management: Drive the identification, assessment, and remediation of security vulnerabilities specifically within GCP infrastructure components and configurations.
- Implement Network Security Controls: Design, configure, and manage GCP network security controls, including firewall rules, VPC configurations, network segmentation, and load balancing.
- Enhance Container & Kubernetes Security: Implement and manage security best practices for our containerized environments and Google Kubernetes Engine (GKE) deployments throughout the lifecycle.
- Automate Security Operations: Develop and maintain automation scripts (using Python, Bash, Go, etc.) to streamline security monitoring, alerting, and response tasks within GCP.
- Collaborate and Provide Guidance: Partner with our infrastructure, and development teams to embed security into their workflows and provide expert guidance on secure infrastructure design and practices.
What you bring in:
- Experience: Bachelor’s degree in Computer Science, Information Security, or a related field, with several years of hands-on experience in a senior engineering role focused specifically on infrastructure security.
- Deep GCP Expertise: Proven, in-depth knowledge and practical experience securing cloud infrastructure, services, and security features (e.g., GKE, VPC, IAM, KMS, Security Command Center, Cloud Armor, or other hyperscalers similar services, or equivalent services offered by other hyperscale cloud providers).
- Infrastructure as Code (IaC) Security: Strong experience writing and securing IaC deployments.
- Network Security: Solid understanding and practical application of cloud network security principles (VPC, firewalls, segmentation).
- Container & Kubernetes Security: Demonstrated expertise in securing Docker containers and Kubernetes deployments.
- Scripting and Automation: Proficiency in scripting languages such as Python, Bash, or Go for security automation.
- Problem-Solving: Excellent analytical and problem-solving skills applied to complex infrastructure security challenges.
- Communication: Strong ability to communicate technical security concepts clearly to both technical and non-technical stakeholders.
- DevSecOps Mindset: Experience integrating security into CI/CD pipelines and infrastructure development workflows.
Life at Truecaller - Behind the code: https://www.instagram.com/lifeattruecaller/
Sounds like your dream job?
We will fill the position as soon as we find the right candidate, so please send your application as soon as possible. As part of the recruitment process, we will conduct a background check.
This position is based in Stockholm, Sweden.
We only accept applications in English.
What we offer:
- A smart, talented, and agile team: An international team where ~35 nationalities are working together in several locations and time zones with a learning, sharing, and fun environment.
- A great compensation package: Competitive salary, 30 days of paid vacation, flexible working hours, private health insurance, parental leave top-up, pension contribution, Udemy membership to keep learning and improving, and free gym membership.
- Great tech tools: Pick the computer and phone you most fancy within our budget ranges.
- Office life: We strongly believe in in-person collaboration and follow an office-first approach while offering some flexibility. Enjoy your days with great colleagues with loads of good stuff to learn from, and a wide range of yummy snacks and beverages. In addition, every now and then check out the playroom for a fun break or join our exciting parties and or team activities such as Lab days, Running team, movie nights in our cinema, or a Geek lunch. There’s something for everyone!
Come as you are:
Truecaller is diverse, equal, and inclusive. We need a variety of backgrounds, perspectives, beliefs, and experiences to keep building our great products. No matter where you are based, which language you speak, your accent, race, religion, color, nationality, gender, sexual orientation, age, marital status, etc. All those things make you who you are, and that’s why we would love to meet you.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Android Automation Bash CI/CD Cloud Computer Science DevSecOps Docker Firewalls GCP IAM iOS Kubernetes Monitoring Network security Python Scripting Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Fitness / gym Flex hours Flex vacation Health care Parental leave Snacks / Drinks Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.