TrustOnCloud is looking for a new Tocer!
TrustOnCloud enables its customers to leverage Cloud Services by building effective and continuous risk assessment. Our customers are major banks, regulated businesses and government agencies.
We provide a pay-as-you-go knowledge platform; by providing on-demand detailed threat models, mitigation recommendations, and continuous updates for each major Cloud Service Provider.
What a Cloud Threat Analyst does and achieves?
As a Cloud Threat Analyst, you will learn, experiment, test, analyze methodically Cloud Services to assess threats and define controls that our customers can implement to mitigate, up to their risk appetite. Your research enables TrustOnCloud customers to leverage Cloud Services for their critical workloads, including with confidential data.
You will present our findings to the security specialists of TrustOnCloud customers, gather their feedback, and act as a trusted liaison to ensure that all customers have access to the latest and greatest, while ensuring their confidentiality.
What TrustOnCloud has to offer you?
With us, you got the opportunity to work, build relations, and partner with the most security conscious customers. You will work with a team coming from big techs, academics, or financial services, who are thinking big, are relentless in their pursuits, while being committed to a diverse and inclusive workplace.
We offer a fun, demanding and rewarding environment, along with a competitive salary, full-remote, medical, and flexible work-life balance including paid sabbaticals.
What is a typical profile to be successful?
From our experience, the following is preferable:
- Focus on customers, and earning trust. Knowlegeable yet curious to learn.
- Degree (BSc/MsC/PhD) in cyber security, computer science, engineering or related major.
- 6+ years of experience in security, with demonstrated experience in threat model and threat mitigation.
- Hands-on experience on at least one major Cloud Service Provider, ideally in support of mission critical applications
- Good understanding of the terminology and concepts of Information security and security risk management (CISSP knowledge)
- Programming skills and SDLC knowledge (Python, GitHub, CI/CD, Infra-as-code)