Senior SecOps Engineer
About Tala
Tala is on a mission to unleash the economic power of the Global Majority – the 4 billion people overlooked by existing financial systems. With nearly half a billion dollars raised from equity and debt, we are serving millions of customers across three continents. Tala has been named by the Fortune Impact 20 list, CNBC’s Disruptor 50 five years in a row, CNBC’s World's Top Fintech Company, Forbes’ Fintech 50 list for eight years running, and Chief's The New Era of Leadership Award. We are expanding across product offerings, countries and crypto and are looking for people who have an entrepreneurial spirit and are passionate about our mission.
By creating a unique platform that enables lending and other financial services around the globe, people in emerging markets are able to start and expand small businesses, manage day-to-day needs, and pursue their financial goals with confidence. Currently, over nine million people across Kenya, the Philippines, Mexico, and India have used Tala products. Due to our global team, we have a remote-first approach, and also have offices in Santa Monica, CA (HQ); Nairobi, Kenya; Mexico City, Mexico; Manila, the Philippines; and Bangalore, India.
Most Talazens join us because they connect with our mission. If you are energized by the impact you can make at Tala, we’d love to hear from you!
The Role
We are currently seeking a Sr Secops Engineer to design, implement, and maintain suitable infrastructure and application security solutions on AWS and GCP public cloud environments using a DevSecOps mindset. You will bring world-class cloud-native security expertise to implement solutions for security configuration hardening, vulnerability management, detection, protection,n and monitoring of security threats and intrusions, in an automated fashion.
What You'll Do
- Driving the design and implementation of defense-in-depth infrastructure and application security solutions for our customer-facing SaaS platform in AWS & GCP public cloud environments
- Driving architecture, implementation, configuration, and automation of native and third-party cloud security solutions for hardening, detection, prevention, login,g and response solutions for security vulnerabilities and threats
- Assisting in incident response and triaging activities as needed for security incidents and events
- Working closely with Product, Engineering, and IT in a DevSecOps model on technologies like FWs, ACLs, WAFs, IAM roles and permissions, Vulnerability management and hardening, Threat and Intrusion detection, Kubernetes Container Security solutions
- Provide thought leadership with a security bent of mind to the organization
- 5-7 years of previous experience deploying and administering security infrastructure in GCP or AWS public cloud environments, using Infrastructure as Code required
- In-depth hands-on experience with at least one public Cloud platform (AWS or GCP) with advanced knowledge of securing IaaS platforms and services like WAFs, Security Groups, EC2/Compute, EKS/GKE, ECR/GCR, S3/Cloud Storage, RDS/Cloud SQL, Logging and Monitoring
- Security experience in a cloud-native environment in one or more areas: authentication, access management, API security, Linux security, vulnerability scanning, threat and intrusion detection, firewalls, WAF, encryption technologies, container security, etc.
- Prior experience working closely with Product, DevOps and CloudOps' Site Reliability Engineers on shift-left strategies, CI/CD tools and solutions needed
- Experience using a programming language such as Python for automation (would be a plus)