Cap4Lab
Cloud Security Expert
Cap4 Lab is seeking a skilled Cloud Security expert to lead the end-to-end security architecture of our PaaS platform. In this role, you will bridge the gap between high-level strategic design and hands-on cloud-native engineering. You will be responsible for building a secure, automated, and compliant environment using Infrastructure-as-Code (IaC) and modern DevSecOps practices.
As part of a lean, automation-driven team reporting directly to the CISO, you will have significant ownership over our security roadmap, focusing on multi-tenant isolation, zero-trust principles, and automated compliance. We are looking for a security leader who prefers code over spreadsheets.
At Cap4 Lab, you won't just be managing security, you will be building it. You will own the end-to-end architecture of our PaaS, ensuring that our multi-tenant environment is resilient, automated, and compliant by design.
I tuoi compiti
• Security Architecture & Design: Perform threat modeling (STRIDE); define security baselines; and design robust controls for IAM, WAF, KMS, Kubernetes, and network segmentation.
• Automation & Implementation: Deploy and maintain cloud infrastructure using IaC (Terraform); enforce multi-tenant isolation; and manage certificate lifecycles, WAF/TLS termination, and Cloud Security Gateways.
• Resilience & Operations: Automate backup/DR workflows and cross-region replication; monitor configuration drift; and integrate telemetry into SIEM/EDR systems.
• Compliance & Governance: Map technical controls to SOC 2/ISO 27001 frameworks; guide penetration testing efforts; and implement automated evidence collection for audit readiness.
• Security Enablement: Mentor engineering teams on secure design patterns, review CI/CD pipeline security, and maintain comprehensive architecture decision records (ADRs).
Il tuo profilo
• Experience: 2+ years of experience in Security Architecture and Cloud-Native Engineering (AWS, Azure, Alibaba Cloud or GCP).
• Technical Expertise: hands-on experience with Kubernetes (K8s), container security, multi-tenancy, and Zero Trust architecture.
• Tools & Workflow: Proficiency in IaC (Terraform or CloudFormation) and Policy-as-Code within GitOps workflows.
• Security Controls: background in WAF, PKI/TLS, KMS, and SIEM/EDR integration.
• Compliance Knowledge: experience with threat modeling and frameworks like SOC 2 or ISO 27001.
• Certifications: cloud-specific security certifications (e.g., AWS Certified Security Specialty) are highly preferred.
• Experience securing PaaS/SaaS platforms.
• Experience designing client-facing security/trust centers.
Cosa offriamo
To apply, send your application to jobs@cap4group.com
Invia la tua candidatura a: jobs@cap4lab.com
Oggetto Rende - Cloud Security Expert
Acconsento al trattamento dei miei dati personali (incluso il mio curriculum vitae) ai fini del reclutamento e di eventuali opportunità di lavoro presso Cap4 Lab.
Comprendo che posso revocare tale consenso in qualsiasi momento contattando il Responsabile della protezione dei dati: dpo@cap4group.com.
Ho letto e accetto l’Informativa sulla privacy.