Engineer II, Cloud Security Engineering

Role - Engineer II (Cloud Security)

Title - Engineer II, Security Engineering

Location: Bangalore, India 

About Us

Founded in 2014, Circles is a global technology company reimagining the telco industry with its SaaS platform, helping telco operators launch and operate successful digital brands. Today, Circles is partnering with operators in 14 countries across 6 continents with the mission to deliver digital experiences to millions of people through our businesses.

With Circles.Life, our digital lifestyle brand established in Singapore, we empower and delight customers by offering digital experiences that go beyond traditional telco services. Circles.Life  is powered by the same SaaS platform and go-to-market strategies developed by Circles, serving as a market-leading example of digital innovation and the future of telco. Circles.Life has earned numerous accolades over the years, including "Best Use of MarTech" at the CX Asia Excellence Awards and #1 in Singapore's Best Customer Service Award.

Circles is backed by global investors such as Peak XV Partners (formerly Sequoia), Warburg Pincus, EDBI, and Founders Fund – renowned institutions with a track record of backing industry-shaking innovators.

About This Role

As a Engineer II, Security Engineering, you will be given a unique opportunity to solve security challenges in our Cloud environments and work on high impact projects.

You will be responsible for:

• Ensure Security in the Cloud, primarily GCP and AWS, in accordance to the definitions of the shared service model;
• Building partnership with internal stakeholders to draw out security baseline standards for Cloud Security Posture Management (‘CSPM’) based on Cloud Service Provider security offerings and best practices;
• Identify potential gaps in existing instances, areas to improve our cloud security posture by comparing against the baseline security standards;
• Propose solutions to close gaps and drive remediation;
• Drive standardization of best practices across all aspects of Cloud Security;
• Advise engineering teams on Cloud infrastructure design to ensure security is embedded throughout the lifecycle;
• Identify and prioritize critical audit logs based on the organization's infrastructure, applications, and security requirements;
• Research attack campaigns and facilitate awareness on common tactics, techniques and procedures (TTPs) related to Cloud environments; evaluate presence of possible exposure with the operating environment(s);
• Develop threat hunting use cases to support risks identified within the threat model(s)
• Use APIs to automate processes and tie tools together (e.g. pull data from a CSPM into a SIEM, pull assets from a CMDB into a scanner, and integrate alerts into Slack automations)
• Develop Python scripts, or similar, to automate recurring security and compliance tasks;
• Research new security technology trends that can be used to reduce exposure;
• Work with cross functional teams as a security representative during incidents; and
• Ensure ongoing maturity of the CSPM to maintain the confidentiality, integrity, and availability of information assets.

What are we looking for?

• 2+ years of hands-on experience in defining and implementing Cloud Security
• Familiarity with one or more cloud environments such as GCP and/or AWS and their security offerings
• A deep understanding of cloud, network, application and infrastructure security
• Knowledge of how to secure solutions in complex hybrid cloud enterprise and SaaS environments
• Ability to implement cloud security best practices in partnership with Engineering teams and systems owners
• Ability to understand, conceptualise and implement secure architectural design patterns in the cloud
• Good understanding of Infrastructure as Code (IaC) languages, such as, Terraform, Pulumi, Deployment Manager, CloudFormation, Ansible, etc.
•  Experience in one or more programming/scripting languages such as Python, Powershell, Go, Bash, etc.
• Ability to communicate effectively with business representatives, articulating risks, requirements and required mitigation through security control/solution(s)
• Ability to document deployment diagrams and operational runbooks
• Security certifications in GCP, AWS, CCSP etc will be good but not a requirement

To all recruitment agencies: Circles will only acknowledge resumes shared by recruitment agencies if selected in our preferred supplier partnership program. Please do not forward resumes to our jobs alias, Circles.Life employees or any other company location. Circles will not be held accountable for any fees related to unsolicited resumes not uploaded via our ATS.

Circles.Life is committed to a diverse and inclusive workplace. We are an equal opportunity employer and do not discriminate on the basis of race, national origin, gender, disability or age.