Description

About Us:

Penlink is a global leader in digital intelligence solutions. Our advanced technologies simplify complex data, empowering public safety organizations to make informed decisions quickly and effectively. We believe in the power of data-driven intelligence to accelerate clarity in decision-making for global security, strategic operations, and the most critical missions. Headquartered in the US with offices worldwide.

Job Description:

We’re looking for a Senior Cloud Security Engineer (DevSecOps) to join our engineering group and help lead our cloud protection, detection, and response initiatives. You’ll collaborate with R&D, DevOps, and Compliance teams to embed security into the heart of how we build, deploy, and operate.

Key Responsibilities:

Cloud Security Architecture

Guide secure design patterns across AWS and Azure environments.
Harden infrastructure and reduce the attack surface.
Align cloud architectures with modern security standards and frameworks.

Access Control and Identity Protection

Support design and management of access controls and secrets handling.
Help enforce least-privilege principles and secure identity boundaries in a fast-paced SaaS setting.

DevSecOps and SDLC Integration

Integrate automated security checks into CI/CD pipelines (e.g., static and dynamic analysis, dependency scanning).
Promote shift-left security practices through policy enforcement at build and deploy stages.

Threat Detection and Response

Tune detection systems for cloud and application layers.
Investigate security events and anomalies.
Assist in incident response and post-incident reviews.

Requirements
Minimum of 3 years in cloud or infrastructure security.
Deep hands-on experience with AWS and Azure (GCP is a plus).
Familiarity with Kubernetes and containerized workloads.
Strong Linux fundamentals and understanding of cloud-native network architectures.
Experience integrating security in CI/CD pipelines (e.g., Azure DevOps).
Knowledge of infrastructure-as-code, static/dynamic analysis, and vulnerability management tools.
Proven ability to collaborate cross-functionally with DevOps, Professional Services, IT and R&D teams.

Preferred Qualifications:

Experience with multi-cloud environments.
Proficiency in scripting for automation (e.g., Python, Bash).
Familiarity with IaC and Kubernetes security best practices.
Certifications such as AWS Security Specialty or Azure Security Engineer Associate.