Our Vision
We believe in a world where travel companies can innovate freely, growing and accelerating their business, while delivering the experience travelers want and the change the industry needs.
FLYR is a technology company that unlocks freedom to innovate for the travel industry – eliminating legacy constraints to enable real-time decision making and create the experiences travelers seek. With FLYR, businesses are able to quickly unlock modern retailing capabilities, improve revenue performance and modernize the e-commerce experience.
Flight Itinerary (About The Role)
We are looking for a Senior Cloud Platform Security Engineer to join the Cloud Security team and secure cloud platform & supporting infrastructure. Securing the cloud, hardening the infrastructure, along with automation skills and a passion for security, will help us to further improve our cloud platform security posture. Existing cloud engineering or securing the public cloud environments expertise is required. As a Senior Cloud Platform Security engineer, your primary focus will be to propose, design, implement and run various cloud & infrastructure level security controls. This includes configuration, and monitoring of cloud resources & controls using the Terraform. The ideal candidate will have experience with securing the variety of environments within a major public cloud provider - Google Cloud PLatform, AWS & Azure. They will also have a strong background in DevOps practices such as CI/CD and automation. The responsibilities include configuration of automated security monitoring systems, cloud native SIEM, IPS, WAF, FW (and other security solutions) and integrating these with alerting systems and ticketing systems. You will work closely with DevOps & Development teams to ensure our organization continues to secure platforms while its customer facing products & services rapidly evolve.
What Your Journey Will Look Like (Responsibilities)
- Collaborate with Cloud Security colleagues, partner with Software Development & Devops teams to ensure that platform-level security controls are in place and effective.
- Deploy, configure and support cloud-native security tooling & standardized non-cloud security solutions
- Build automation to perform security and compliance at scale in the cloud
- Oversee & actively support remediation of identified security issues and hardening initiatives (Cloud platform, virtual machine & container levels)
- Review, design, implement & support proper operations of cloud network security controls (cloud FW, WAF & IPS)
- Review & support improvements of IAM security controls
- Assist with securing CI/CD pipelines and designing early warning controls for early stages of SDLC process
- Support consolidation of security tooling
- Lead integration of security tooling and establishment of standardized security processes
- Contribute to creation of standardized security response playbooks
- Identify, communicate & explain security risks to DevOps, Development or Product teams
- Be part of security incident response team
What To Pack For This Trip (Qualifications)
- Minimum 5+ years of Cloud Engineer or Cloud Security Engineering working experience.
- Proficient in one of the major cloud providers such as Google Cloud Platform (GCP), Amazon Web Services (AWS), or Microsoft Azure. It is advantageous to have significant experience in GCP as that is our primary cloud provider.
- Solid understanding of cloud networking concepts, subnets, routing, load balancing, firewalls, and cloud security.
- Understanding of general security concepts like CIA triad, SDLC, security risk & risk treatment options, threat actors, types of security controls.
- Experience writing Hashicorp Terraform configurations and modules.
- Experience in DevOps and GitOps models with infra-as-code.
- Understanding of landing zones, cloud-native security, monitoring and logging tools.
- Experience with container related technologies (GKE is a benefit) and CICD tools - GitHub Actions, Cloud Build, Cloud Deploy, build pipelines, container repos, etc.
- Proficient in at least one scripting language (i.e. Bash, Python).
- Strong analytical, problem solving and organizational skills.
- Strong collaboration skills and ability to work in a global remote team.
First-Class Amenities
- Regular employment contract
- Equity in Series D startup with high growth potential
- Flexible working hours
- Complimentary Breakfast/Lunch (in-office)
- Sports card
- Medical care
- Life Insurance
- Top-quality tech equipment
- Annual educational fund
- English classes
- Many more!