Tala (formerly InVenture) builds mobile products that help creditworthy individuals in emerging markets validate their financial identities and get access to fair credit to advance their businesses and families. Tala is providing choice and control to individuals around the world when it comes to their financial identity.

Summary

• We are currently seeking a Snr Secops Engineer to design, implement and maintain suitable infrastructure and application security solutions on AWS and GCP public cloud environments using DevSecOps mindset.
• The successful candidate will bring world class cloud-native security expertise to implement solutions for security configuration hardening, vulnerability management, detection, protection and monitoring of security threats and intrusions, in an automated fashion.

What You’ll DO

• Driving the design and implementation of defense-in-depth infrastructure and application security solutions for our customer facing SaaS platform in AWS & GCP public cloud environments
• Driving architecture, implementation, configuration and automation of native and third party cloud security solutions for hardening, detection, prevention, logging and response solutions for security vulnerabilities and threats
• Provide thought leadership with a security bent of mind to the organization
• Working closely with Product, Engineering and IT in a DevSecOps model on technologies like FWs, ACLs, WAFs, IAM roles and permissions, Vulnerability management and hardening, Threat and Intrusion detection, Kubernetes Container Security solutions
• Assisting in incident response and triaging activities as needed for security incidents and events

What You’ll Need

• B.S. Degree in Computer Science or related field or equivalent combination of professional development training and experience
• 3-5 years of previous experience deploying and administering security infrastructure in GCP or AWS public cloud environments, using Infrastructure as Code required
• In-depth hands-on experience with at least one public Cloud platform (AWS or GCP) with advanced knowledge of securing IaaS platforms and services like WAFs, Security Groups, EC2/Compute, EKS/GKE, ECR/GCR, S3/Cloud Storage, RDS/Cloud SQL, Logging and Monitoring
• Prior experience working closely with Product, DevOps and CloudOps’ Site Reliability Engineers on shift-left strategies, CI/CD tools and solutions needed
• Security experience in a cloud native environment in one or more areas: authentication, access management, API security, Linux security, vulnerability scanning, threat and intrusion detection, firewalls, WAF, encryption technologies, container security etc.
• Experience using a programming language such as Python for automation (would be a plus)
• Security certifications such as AWS, GCP , CISSP, CEH, OSCP preferred
• Excellent verbal and written communication skills and ability to document and explain technical details and concepts clearly and concisely
• Agility and willingness to deal with a high level of ambiguity, change, and pressures of high-profile incidents
• Flexibility to pitch in where needed across program and team
• Strong influence and teamwork skills; sound problem resolution, judgment, negotiating, and decision-making skills
• Strong knowledge of industry standards, vulnerability classifications, and attack vectors
• Experience working effectively with global teams in multiple time zones