Cloud Security Engineer

Job description

Who we are:

We are a leader in fraud prevention and AML compliance. Our platform uses device intelligence, behavior biometrics, machine learning, and AI to stop fraud before it happens. Today, over 300 banks, retailers, and fintechs worldwide use Sardine to stop identity fraud, payment fraud, account takeovers, and social engineering scams. We have raised $145M from world-class investors, including Andreessen Horowitz, Activant, Visa, Experian, FIS, and Google Ventures.

Our culture:

• We have hubs in the Bay Area, NYC, Austin, and Toronto. However, we maintain a remote-first work culture. #WorkFromAnywhere

• We hire talented, self-motivated individuals with extreme ownership and high growth orientation.

• We value performance and not hours worked. We believe you shouldn’t have to miss your family dinner, your kid’s school play, friends get-together, or doctor’s appointments for the sake of adhering to an arbitrary work schedule.

Location:

• Remote - US or Canada

• From Home / Beach / Mountain / Cafe / Anywhere!

• We are a remote-first company with a globally distributed team. You can find your productive zone and work from there.

About the Role:

As a Cloud Security Engineer on the DevOps team, you will design and implement guardrails that let engineers move fast while staying safe. This is a hands-on role focused on cloud platform security, automated monitoring, and developer enablement. You’ll work closely with DevOps and engineering to embed security into our infrastructure and CI/CD pipelines so that security is built-in, not bolted-on.

We’re a small, multi-hat team (DevEx, SRE, FinOps, DevSecOps), so this role combines owning core infra security with empowering dev teams through self-service golden paths.

What you’ll be doing:

• Enforce secure defaults across AWS/GCP with least-privilege and zero-trust, using policies-as-code (Terraform validations, OPA/Rego/Conftest, Checkov) and cloud-native guardrails (AWS SCPs, GCP Org Policies).

• Manage secrets, keys, and service accounts with short-lived credentials, automated rotation, and Cloud KMS/Vault or workload identity federation.

• Build automated monitoring and alerting pipelines for cloud logs; integrate with SIEM/SOAR and support modern observability (Datadog, Splunk, OpenTelemetry).

• Drive vulnerability and supply chain security by integrating IaC, container, and dependency scanning into CI/CD; support SBOMs, artifact signing, and provenance.

• Apply cloud-native network security services (AWS Shield, CloudFront WAF, GCP Cloud Armor) via infrastructure-as-code.

• Enable developers through paved-road tooling, docs, and knowledge sharing programs.

What you’ll need:

• 5+ years in cloud security engineering, DevSecOps, or similar roles.

• Strong AWS or GCP experience (multi-cloud a plus).

• Proficiency with Kubernetes, Terraform/OpenTofu, and CI/CD pipelines.

• Familiarity with observability tooling (e.g. Datadog, OpenTelemetry).

• Experience with vulnerability management or scanning tools (e.g. Snyk, Wiz, Trivy).

• Programming skills in Python or Go.

• Bonus: pen testing or threat modeling, fraud/compliance/payments experience, or security certifications (AWS Security Specialty, CKA/CKS, CISSP, OSCP).

Compensation: Base pay range of $140,000 - 170,000 USD / $175,000 - 215,000 CAD + Series C equity with tremendous upside potential + Attractive benefits

The compensation offered for this role will depend on various factors, including the candidate’s location, qualifications, work history, and interview performance, and may differ from the stated range.

Benefits we offer:

• Generous compensation in cash and equity

• Early exercise for all options, including pre-vested

• Work from anywhere: Remote-first Culture

• Flexible paid time off, Year-end break, Self care days off

• Health insurance, dental, and vision coverage for employees and dependents - US and Canada specific

• 4% matching in 401k / RRSP - US and Canada specific

• MacBook Pro delivered to your door

• One-time stipend to set up a home office — desk, chair, screen, etc.

• Monthly meal stipend

• Monthly social meet-up stipend

• Annual health and wellness stipend

• Annual Learning stipend

• Unlimited access to an expert financial advisory

Join a fast-growing company with world-class professionals from around the world. If you are seeking a meaningful career, you found the right place, and we would love to hear from you.

To learn more about how we process your personal information and your rights in regards to your personal information as an applicant and Sardine employee, please visit our Applicant and Worker Privacy Notice .