Job Description
About Trafilea
Trafilea is a dynamic and innovative Tech E-commerce Group that operates multiple direct-to-consumer brands in the intimate apparel and beauty sectors, with a focus on using data-driven strategies to scale their businesses. In addition to our products, we have our own online community dedicated to promoting body positivity. As a rapidly growing global player, Trafilea is committed to creating high-quality products and services that enhance the customer experience and drive long-term growth.
At Trafilea, we foster a culture of collaboration, innovation, and continuous learning. We believe in investing in our people and providing them with the support and development opportunities they need to grow both personally and professionally. With our remote-first approach, you'll have the freedom to work from anywhere in the world, surrounded by a diverse and talented team that spans the globe.
🌟 Role Mission
The Cloud Security Engineer (DevSecOps) is responsible for implementing and maintaining security controls in our AWS cloud environment, ensuring compliance with industry best practices and protecting our infrastructure from cyber threats. You will work closely with DevOps, engineering, and security teams to embed security in all stages of development and operations, driving a shift-left security culture.
Your mission is to proactively identify and mitigate security risks, enforce secure infrastructure design, and ensure our cloud environment remains resilient, compliant, and secure.
🛠️ Responsibilities
🔹 Cloud Security Architecture & Compliance
🎓 Qualifications
✅ Must-Have Skills
✔️ 3+ years of experience in cloud security, DevSecOps, or cybersecurity roles.
✔️ Strong expertise in AWS security (IAM, Security Groups, KMS, WAF, GuardDuty, Config, Inspector, etc.).
✔️ Experience securing CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI/CD) and integrating security tools (SAST, DAST, SCA).
✔️ Strong knowledge of cloud networking security (VPC, NACLs, VPN, Firewalls, Zero Trust principles).
✔️ Experience with Infrastructure as Code (Terraform, CloudFormation, AWS CDK) and security policy automation.
✔️ Proficiency in threat detection, incident response, and security monitoring tools.
✔️ Hands-on experience with scripting and automation (Python, Bash, PowerShell, or similar).
✅ Nice-to-Have Skills
➕ Experience with Kubernetes and container security (EKS, Istio, Falco, Aqua Security, or similar).
➕ Knowledge of AWS Organizations, SCPs, and Landing Zone security best practices.
➕ Experience with Cloud Security Posture Management (CSPM) tools (Prisma Cloud, AWS Security Hub, Wiz).
➕ Familiarity with compliance frameworks (SOC 2, ISO 27001, PCI-DSS, GDPR, NIST 800-53).
➕ Experience conducting red teaming, penetration testing, or cloud security assessments.
Trafilea is a dynamic and innovative Tech E-commerce Group that operates multiple direct-to-consumer brands in the intimate apparel and beauty sectors, with a focus on using data-driven strategies to scale their businesses. In addition to our products, we have our own online community dedicated to promoting body positivity. As a rapidly growing global player, Trafilea is committed to creating high-quality products and services that enhance the customer experience and drive long-term growth.
At Trafilea, we foster a culture of collaboration, innovation, and continuous learning. We believe in investing in our people and providing them with the support and development opportunities they need to grow both personally and professionally. With our remote-first approach, you'll have the freedom to work from anywhere in the world, surrounded by a diverse and talented team that spans the globe.
🌟 Role Mission
The Cloud Security Engineer (DevSecOps) is responsible for implementing and maintaining security controls in our AWS cloud environment, ensuring compliance with industry best practices and protecting our infrastructure from cyber threats. You will work closely with DevOps, engineering, and security teams to embed security in all stages of development and operations, driving a shift-left security culture.
Your mission is to proactively identify and mitigate security risks, enforce secure infrastructure design, and ensure our cloud environment remains resilient, compliant, and secure.
🛠️ Responsibilities
🔹 Cloud Security Architecture & Compliance
- Design and implement secure cloud architectures in AWS, ensuring best practices for network security, IAM, and data protection.
- Define and enforce security policies, guardrails, and compliance frameworks (SOC 2, ISO 27001, GDPR).
- Monitor and mitigate security vulnerabilities across cloud services, applications, and networks.
- Integrate security tools into CI/CD pipelines to automate security scanning, vulnerability management, and compliance checks.
- Develop and maintain Infrastructure as Code (IaC) security policies using Terraform, CloudFormation, or CDK.
- Automate security controls, monitoring, and remediation using Python, Bash, or similar scripting languages.
- Implement SIEM, IDS/IPS, and security monitoring tools to detect and respond to threats.
- Define incident response plans and lead investigations for security incidents.
- Perform cloud security assessments, penetration testing, and risk analysis.
- Design secure authentication and authorization models using IAM best practices.
- Implement least privilege access controls, role-based access control (RBAC), and multi-factor authentication (MFA).
- Enforce AWS security policies, service control policies (SCPs), and permissions boundaries.
- Work closely with DevOps and engineering teams to foster a security-first mindset.
- Conduct training sessions on secure coding, cloud security best practices, and threat mitigation.
- Document security processes, standards, and best practices.
- Collaborate with world-class talents in a data-driven, dynamic, energetic work environment.
- Opportunity to grow and develop both professionally and personally.
- Safe space to be who you truly are, with a commitment to diversity, equity, and inclusion.
- Openness to new ideas and initiatives.
- Great benefits package including remote work, 15 working days of paid holidays, Learning subsidy, and more!
🎓 Qualifications
✅ Must-Have Skills
✔️ 3+ years of experience in cloud security, DevSecOps, or cybersecurity roles.
✔️ Strong expertise in AWS security (IAM, Security Groups, KMS, WAF, GuardDuty, Config, Inspector, etc.).
✔️ Experience securing CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI/CD) and integrating security tools (SAST, DAST, SCA).
✔️ Strong knowledge of cloud networking security (VPC, NACLs, VPN, Firewalls, Zero Trust principles).
✔️ Experience with Infrastructure as Code (Terraform, CloudFormation, AWS CDK) and security policy automation.
✔️ Proficiency in threat detection, incident response, and security monitoring tools.
✔️ Hands-on experience with scripting and automation (Python, Bash, PowerShell, or similar).
✅ Nice-to-Have Skills
➕ Experience with Kubernetes and container security (EKS, Istio, Falco, Aqua Security, or similar).
➕ Knowledge of AWS Organizations, SCPs, and Landing Zone security best practices.
➕ Experience with Cloud Security Posture Management (CSPM) tools (Prisma Cloud, AWS Security Hub, Wiz).
➕ Familiarity with compliance frameworks (SOC 2, ISO 27001, PCI-DSS, GDPR, NIST 800-53).
➕ Experience conducting red teaming, penetration testing, or cloud security assessments.
Similar Jobs
Explore other opportunities that match your interests
Visa Sponsorship
Relocation
Remote
Job Type
Other
Experience Level
Mid-Senior level
wiset
Uruguay
Visa Sponsorship
Relocation
Remote
Job Type
Contract
Experience Level
Entry level
planbnext
India
Senior Cloud Database Administrator
••••••
••••••
••••••
Job Type
••••••
Experience Level
••••••
Miratech
Ukraine