Now hiring
Cloud Security Architect
Now hiring

Cloud Security Architect

About Toptal

Toptal is a global network of top freelance talent in business, design, and technology that enables companies to scale their teams, on-demand. With $200+ million in annual revenue and over 40% year-over-year growth, Toptal is the world’s largest fully remote company.

We take the best elements of virtual teams and combine them with a support structure that encourages innovation, social interaction, and fun. We see no borders, move at a fast pace, and are never afraid to break the mold.

Position Description

As a Cloud Security Architect at Toptal, you will be in charge of identifying Toptal’s main attack vectors, provide and lead a strategy to mitigate those risks. You will work with Development teams, Security Operations, IT Operations, Infrastructure teams and Risk and Compliance to provide the tools, environment, and guidance for building high-quality secure applications. You will contribute to software design and implementation decisions. You will build libraries and utilities to help developers to keep our software secure. You will conduct assessments, automate operational workflows, and hold security training.

Responsibilities:

  • Identify and maintain a list of attack vectors.
  • Build strategies and lead the change to mitigate the security risks from an integral perspective.
  • Create and improve engineering Disaster Recovery strategy.
  • Build the opportunity assessments, and collaborate with the security team to set the priorities.
  • Provide timely and adequate information about the current state of Toptal security.
  • Develop corporate security practices, policies, and standards.
  • Respond to any ongoing or completed incidents, help the teams to find the root cause, and set any possible action point.
  • Contribute to the creation of application designs and solutions and assist with code reviews.
  • Educate the staff on personal, corporate, architecture, and development security best practices.
  • Raise security concerns to the forefront.

In the first week, expect to:

  • Onboard and integrate into Toptal.
  • Rapidly begin learning about Toptal’s history, culture, and vision.

In the first month, expect to:

  • Get familiar with the tools we use to assess and improve the security of our applications.
  • Complete necessary training.
  • Have one on ones with all the relevant security people.
  • Begin collaborating with other teams.

In the first three months, expect to:

  • Identify major security risks.
  • Improve the security audit of our applications (integrate new security tools, scale current solutions to more projects, create dashboards with metrics, and set up automated notifications for our teams).
  • Begin studying for a security-related certification following the team’s guidelines.
  • Work on achieving team OKRs.

In the first six months, expect to:

  • Build a security strategy focused around engineering.
  • Take part in making design/implementation decisions.
  • Provide support during security events and carry on follow-up actions.
  • Suggest and implement improvements to our processes and tools.
  • Hold security awareness & education sessions and develop appropriate materials for the whole company.

In the first year, expect to:

  • Assist in preparation for certification against one of the modern security standards (ISO 27001, SOC1, or other).
  • Get certified in the item of your choice.

Requirements:

  • Outstanding communication skills.
  • Great vision and strategy for security.
  • Experience working with Agile methodologies.
  • Experience with change management within an organization.
  • 5+ years of experience with application security.
  • Experience in application development with at least 1 modern programming language.
  • Infrastructure and network experience.
  • Experience with automation and Continuous integration tools.
  • Experience securing cloud platforms (preferably GCP).
  • Experience with threat analysis and red team.
  • Knowledge of OWASP methodology and web and mobile vulnerabilities.
  • Be familiar with common security standards (e.g. ISO/IEC 27000-series, GDPR, SOC1).
  • Be familiar with SAST and DAST tools like BurpSuite, OWASP ZAP, NMap, Metasploit, Kali Linux, etc.
  • Be familiar with SIEM or IPS and IDS tools.
  • Ability to solve complex problems by considering multiple solutions, weighing them, and deciding on the best course of action.
  • Be genuinely interested in technology and love to try new things.
  • Be open to receiving constructive feedback.
  • Be a team player at heart.
For Toptal Use Only: #individualcontributorEurope #individualcontributorSA #LI-CS1 #LI-REMOTE

Who You Will Work With

Ismael Peinado

Ismael Peinado

Chief Technology Officer

As Toptal's Chief Technology Officer, Ismael leads the company's engineering organization, driving process and culture to ensure top quality delivery from our team of world-class engineers. Ismael was formerly the CEO and Co-Founder of Blue4, a distributed media system used in the aerospace and entertainment industries. He leverages over twenty years’ experience in providing commercial, operational, and technical leadership for B2B, B2C, and government organizations from early-stage startup to large-high growth market leaders. Ismael has a BE and BS in Industrial Engineering from the Universidad de Málaga.

Emiliano Ritiro

Emiliano Ritiro

Director of Engineering

As one of Toptal's Directors of Engineering, Emiliano is responsible for all new development and maintenance related to Toptal's Infrastructure, Continuous Integration, Security Operations, and Help desk. Emiliano has a lean, product-first mentality. He has led the development of software for enterprises and startups, including Deloitte, Bago, and Virgin. Emiliano has a Master's in Computer Engineering from the University of Buenos Aires.

View the Whole Team

Working at Toptal

We're changing the way the world works. Toptal is not only a place to progress your career and design your own lifestyle, but also a company where you'll learn how to develop innovations that push business and technology forward.
Toptal Careers

Think you’re a fit? Apply below:

Browse
By submitting your application, you are agreeing to Toptal’s Terms of Service, Privacy Policy, and Cookie Policy. Toptal may record your interview for quality assurance and training purposes.
Interested in joining our global talent network?
Apply as a Freelancer  
Quote author

Working at Toptal has been the best experience of my career. Every day I'm surrounded by intelligent, thoughtful, and hard-working colleagues that push me to be better.

Jordan Lyons

SEO Manager