.**The Company**Our team and products have been recognized with dozens of awards including by the Financial Times which ranked Cover Genius as the #1 fastest-growing company in APAC in 2020. Our diverse team across 20+ countries and many language groups commit itself to diverse cultural programs, in particular "CG Gives" which makes social entrepreneurs out of us all and funds development initiatives in global communities.**Our People are**Bold, Authentic, Purposeful and Inspired**Our People are not**Perfect, Traditional, Complacent or Cautious**About the Role****What will your day look like? You will...**:- Write Risk Management Framework (RMF)-based policies and procedures, and develop comprehensive cyber security processes to contain implementation.- Assessing cloud infrastructure against security best practices and compliance requirements.- Remediating and/or coordinating with appropriate teams to ensure strategies are in place to mitigate cloud infrastructure security issues. Assisting other engineering teams to implement a shift left security culture e.G. pipeline SAST/DAST.- Creating and rolling out MDM policies to corporate devices and ensuring corporate devices are compliant with security policies.- Provision, deprovision and track employee hardware. Or where appropriate that any BYO hardware is used in a sufficiently controlled fashion in compliance with infosec policies.- Partake in technical design reviews, integration, testing, and documentation work.- Providing information to current and prospective customers/partners regarding security.- Conducting risk assessments for current and potential Cover Genius vendors.- Assisting employees with corporate policy compliance.- Coordinating and conducting regular access reviews.- Creating security awareness training for employees.- Assisting the organization in increasing Phishing awareness by creating phishing campaigns.- Assisting the organization in meeting compliance framework requirements (e.G SOC2).- Co-ordinating scheduled external security testing (e.G. annual penetration testing).**To help us level up, you'll ideally have**:- Strong attention to detail with an analytical mind and outstanding problem-solving skills.- Passion for security and awareness of current best practices and trends in the security space.- Experience with AWS and/or GCP platforms and associated security best practices.- Comfortable scripting & developing internal tooling with at least one programming language and ideally some experience with shell scripting (e.G. bash).- Ideally some experience working with infrastructure & configuration as code tools such as Terraform.- Ideally experienced with container technology such as Docker and Kubernetes and general familiarity with cloud native approaches to infrastructure & security.- Experience working with Linux.- Basic understanding of networking and system architecture
