Cloud Security Engineer (remote)

Firmex is a global software-as-a-service provider with corporate headquarters in Toronto, Canada. The company’s Firmex VDR service is the world’s most trusted virtual data room, having been used by over 140,000 companies worldwide to share confidential documents for due diligence, litigation and compliance.

The Security Engineer is responsible for the day-to-day delivery of Security Operations for Firmex and the operational monitoring of technology and overall delivery of Security Operations. The team directly contributes to the overall enterprise cloud architecture and leads the security vision and strategy around cloud-based applications which include Infrastructure, Platform and Software as a Service (IaaS/PaaS/SaaS).

As our Cloud Security Engineer, you will:

• Work collaboratively within a team of security professionals and across the organization in matters of security best practices, product research and currency as well as product support.
• Support various IT, IT Security and Business projects by providing input on security technologies and operational practices.
• Develop subject matter expertise on assigned security technologies enabling effective and efficient delivery of security services.
• Collaborate with engineering, infrastructure services, and application development organizations to choose appropriate technology solutions and facilitate complete integration of these solutions into the company environments.
• Develop standards in partnership with Engineering, Infrastructure Services, and Application Development.
• Contribute to the Development of Standards, Technical Security Specifications and Operating Procedures as required.
• Actively monitor and research cyber threats with a direct or indirect impact to business operations, or technology infrastructure.

What you'll need to be successful a a Cloud Security Engineer:

• A bachelor’s degree in Computer science, Computer Engineering, or equivalent.
• Experience with Incident Management and Incident Handling.
• Experience on writing custom scripts in PowerShell/Bash.
• Experience managing and configuring AWS services.
• Experience writing Cloudformation templates.
• Experience with Vulnerability Management and Penetration Testing are highly desirable.
• CISSP, OSCP, CISA is an asset but not mandatory.
• Infrastructure experience with Windows, Linux.
• Familiarity with industry compliance, i.e. PCI, HIPAA, GDPR, SOC (1 and 2), etc.
• Experience working with SaaS and PaaS environments and Cloud Native technologies.
• Experience within a 24x7 production environment, preferably across multiple data centers.
• Experience in information security or with systems and computer operations (e.g. Identity & Access Management, IT operations, Certification & Key Management, Security Platform Administration, Security Incident Response).