Senior Security Engineer Cloud & DevSecOps in OAK'S LAB

FULL_TIME

Santiago   Ciudad de México or Guadalajara
This job takes place some days from home and others at the office in: Santiago Ciudad de México or Guadalajara
(Hybrid)
| Senior | Full time | Cybersecurity

Gross salary $6000 - 9000 USD/month

2 applications
Last checked 4 days ago
Apply now
Requires applying in English

Capital Markets Gateway LLC. (CMG) is a financial technology firm, uniquely focused on the equity capital markets (ECM), connecting investors and underwriters via a collaborative network. Launched in 2017 by a team of ECM practitioners, CMG has completed two successful fundraising rounds and is backed by a group of the world's most prestigious financial institutions such as Goldman Sachs, JPMorgan, UBS, and Barclays to name a few. The CMG platform is currently built upon by nearly 135 buy-side firms representing $40 trillion in assets under management and 17 global investment banks.

Role and Responsibilities

We are seeking a proactive and highly skilled Senior Security Engineer specializing in Cloud & DevSecOps to enhance our security posture across cloud infrastructure, applications, and development practices. This hands-on role focuses on securing cloud environments and integrating security into development pipelines.

Cloud & Infrastructure Security

  • Design and implement cloud security architecture across multi-cloud platforms (Azure, AWS/GCP).
  • Conduct risk assessments and secure environments using Infrastructure as Code (IaC) tools like Terraform.
  • Collaborate with DevOps on initiatives related to network security, data protection, and secure configurations.

Application Security & DevSecOps

  • Integrate security best practices into the Software Development Life Cycle (SDLC) for languages such as .NET, JavaScript, and Python.
  • Work with development teams to enforce secure coding standards and maintain API security.
  • Secure containerized applications deployed via Kubernetes and perform threat modeling for existing applications.
  • Perform threat modeling and risk assessments for both new and existing applicationsImplement and maintain any required security audit trails and/or integrations into security monitoring apparatus

Security Automation & Compliance

  • Develop policy-as-code frameworks and automate security testing in CI/CD pipelines using tools like GitHub Actions.
  • Monitor vulnerabilities in cloud infrastructure and application environments through regular scans.
  • Support compliance initiatives (e.g., SOC2) to ensure adherence to regulatory standards

Security Governance & Leadership

  • Mentor engineers on security best practices across cloud and application domains.
  • Serve as a subject matter expert in areas like identity management, encryption, and data loss prevention.
  • Maintain security documentation and stay informed on emerging threats and technologies.

Qualifications and requirements

  • C1 or C2 level English
  • 7+ years of hands-on experience in information security, with a strong focus on cloud and application security
  • 4+ years of experience securing cloud platforms (Azure preferred, AWS, GCP), including deep expertise with cloud-native security tools and Infrastructure as Code (Terraform)
  • Proven track record securing application environments and integrating security into DevOps practices
  • Strong understanding of API security, encryption, and secrets management in distributed cloud environments
  • Hands-on experience with automation tools like Terraform and Ansible, and security-focused CI/CD pipelines
  • Expertise in securing containerized environments (Docker, Kubernetes) and addressing vulnerabilities in container images and dependencies
  • Strong knowledge of cryptography, key management and data protection best practices

Key Technologies

  • CloudPlatforms: Azure (preferred), GCP, AWS
  • Infrastructure-as-Code (IaC): Terraform
  • Languages: .NET, JavaScript, Python, Bash, Powershell
  • Containers: Docker, Kubernetes
  • CI/CD Tools: GitHub
  • Database: PostgreSQL
  • Secrets Management: Key Vault
  • Operating Systems: Linux, Windows, MacOS

Desirable skills

  • Strong ownership and initiative, with the ability to work independently in a fast-paced environment
  • Excellent multitasking and prioritization skills, capable of handling complex, concurrent tasks
  • Passion for security innovation, staying ahead of emerging threats, and continuously improving security processes
  • Detail-oriented, ensuring thorough tracking of issues and resolutions

Conditions

  • 15 days of vacation
  • Gym membership contribution
  • Language courses
  • Tech courses and conferences
  • Top-of-the-line MacBook
  • Potential trips to the USA
  • Company team-building events
  • Flexible working hours and the possibility to work from home

Flexible hours Flexible schedule and freedom for attending family needs or personal errands.
Partially remote You can work from your home some days a week.
Computer provided OAK'S LAB provides a computer for your work.
Informal dress code No dress code is enforced.

Remote work policy

Hybrid

This job takes place some days from home and others at the office in Santiago (Chile) or Ciudad de México or Guadalajara (Mexico).

About OAK'S LAB

Capital Markets Gateway is a US FinTech firm ,focused on the equity capital markets by connecting investors and underwriters. Our platform serves 135 buy-side firms, representing over $40 trillion in assets under management and 17 Global Investment Banks — OAK'S LAB's full profile

Senior Security Engineer Cloud & DevSecOps
OAK'S LAB • Santiago   Ciudad de México or Guadalajara
This job takes place some days from home and others at the office in: Santiago Ciudad de México or Guadalajara
(Hybrid)
Apply
Requires applying in English