SARDINE
Cloud Security Engineer
As a Cloud Security Engineer on the DevOps team, you will design and implement guardrails that let engineers move fast while staying safe. This is a hands-on role focused on cloud platform security, automated monitoring, and developer enablement. You'll work closely with DevOps and engineering to embed security into our infrastructure and CI/CD pipelines so that security is built-in, not bolted-on. We're a small, multi-hat team (DevEx, SRE, FinOps, DevSecOps), so this role combines owning core infra security with empowering dev teams through self-service golden paths. What you'll be doing: Enforce secure defaults across AWS/GCP with least-privilege and zero-trust, using policies-as-code (Terraform validations, OPA/Rego/Conftest, Checkov) and cloud-native guardrails (AWS SCPs, GCP Org Policies). Manage secrets, keys, and service accounts with short-lived credentials, automated rotation, and Cloud KMS/Vault or workload identity federation. Build automated monitoring and alerting pipelines for cloud logs; integrate with SIEM/SOAR and support modern observability (Datadog, Splunk, OpenTelemetry). Drive vulnerability and supply chain security by integrating IaC, container, and dependency scanning into CI/CD; support SBOMs, artifact signing, and provenance. Apply cloud-native network security services (AWS Shield, CloudFront WAF, GCP Cloud Armor) via infrastructure-as-code. Enable developers through paved-road tooling, docs, and knowledge sharing programs. What you'll need: 5+ years in cloud security engineering, DevSecOps, or similar roles. Strong AWS or GCP experience (multi-cloud a plus). Proficiency with Kubernetes, Terraform/OpenTofu, and CI/CD pipelines. Familiarity with observability tooling (e.g. Datadog, OpenTelemetry). Experience with vulnerability management or scanning tools (e.g. Snyk, Wiz, Trivy). Programming skills in Python or Go. Bonus: pen testing or threat modeling, fraud/compliance/payments experience, or security certifications (AWS Security Specialty, CKA/CKS, CISSP, OSCP). Compensation: Base pay range of $140,000 - 170,000 USD / $175,000 - 215,000 CAD + Series C equity with tremendous upside potential + Attractive benefits The compensation offered for this role will depend on various factors, including the candidate's location, qualifications, work history, and interview performance, and may differ from the stated range. Benefits we offer: Generous compensation in cash and equity Early exercise for all options, including pre-vested Work from anywhere: Remote-first Culture Flexible paid time off, Year-end break, Self care days off Health insurance, dental, and vision coverage for employees and dependents - US and Canada specific 4% matching in 401k / RRSP - US and Canada specific MacBook Pro delivered to your door One-time stipend to set up a home office desk, chair, screen, etc. Monthly meal stipend Monthly social meet-up stipend Annual health and wellness stipend Annual Learning stipend Unlimited access to an expert financial advisory Join a fast-growing company with world-class professionals from around the world. If you are seeking a meaningful career, you found the right place, and we would love to hear from you.
As a Cloud Security Engineer on the DevOps team, you will design and implement guardrails that let engineers move fast while staying safe. This is a hands-on role focused on cloud platform security, automated monitoring, and developer enablement. You'll work closely with DevOps and engineering to embed security into our infrastructure and CI/CD pipelines so that security is built-in, not bolted-on. We're a small, multi-hat team (DevEx, SRE, FinOps, DevSecOps), so this role combines owning core infra security with empowering dev teams through self-service golden paths. What you'll be doing: Enforce secure defaults across AWS/GCP with least-privilege and zero-trust, using policies-as-code (Terraform validations, OPA/Rego/Conftest, Checkov) and cloud-native guardrails (AWS SCPs, GCP Org Policies). Manage secrets, keys, and service accounts with short-lived credentials, automated rotation, and Cloud KMS/Vault or workload identity federation. Build automated monitoring and alerting pipelines for cloud logs; integrate with SIEM/SOAR and support modern observability (Datadog, Splunk, OpenTelemetry). Drive vulnerability and supply chain security by integrating IaC, container, and dependency scanning into CI/CD; support SBOMs, artifact signing, and provenance. Apply cloud-native network security services (AWS Shield, CloudFront WAF, GCP Cloud Armor) via infrastructure-as-code. Enable developers through paved-road tooling, docs, and knowledge sharing programs. What you'll need: 5+ years in cloud security engineering, DevSecOps, or similar roles. Strong AWS or GCP experience (multi-cloud a plus). Proficiency with Kubernetes, Terraform/OpenTofu, and CI/CD pipelines. Familiarity with observability tooling (e.g. Datadog, OpenTelemetry). Experience with vulnerability management or scanning tools (e.g. Snyk, Wiz, Trivy). Programming skills in Python or Go. Bonus: pen testing or threat modeling, fraud/compliance/payments experience, or security certifications (AWS Security Specialty, CKA/CKS, CISSP, OSCP). Compensation: Base pay range of $140,000 - 170,000 USD / $175,000 - 215,000 CAD + Series C equity with tremendous upside potential + Attractive benefits The compensation offered for this role will depend on various factors, including the candidate's location, qualifications, work history, and interview performance, and may differ from the stated range. Benefits we offer: Generous compensation in cash and equity Early exercise for all options, including pre-vested Work from anywhere: Remote-first Culture Flexible paid time off, Year-end break, Self care days off Health insurance, dental, and vision coverage for employees and dependents - US and Canada specific 4% matching in 401k / RRSP - US and Canada specific MacBook Pro delivered to your door One-time stipend to set up a home office desk, chair, screen, etc. Monthly meal stipend Monthly social meet-up stipend Annual health and wellness stipend Annual Learning stipend Unlimited access to an expert financial advisory Join a fast-growing company with world-class professionals from around the world. If you are seeking a meaningful career, you found the right place, and we would love to hear from you.