TookiTaki, the global leader building the Trust Layer for Financial Services, is strengthening its cloud security foundation as we scale our AI-driven AML and fraud-detection platforms across global banks and fintechs. We are looking for a Cloud Security Engineer who blends deep cloud expertise with uncompromising security standards - someone who can design, harden, and defend the cloud environments that power our mission. If secure, resilient, and scalable infrastructure is your playground, welcome home.

Roles & Responsibilities :

1. Cloud Security Architecture :

- Design and implement secure cloud architectures across AWS

- Ensure systems meet enterprise-grade security, availability, and performance requirements.

- Drive secure-by-default principles across deployments, services, and automation pipelines.

2. Security Hardening & Compliance :

- Own and maintain PCI-DSSaligned cloud security controls.

- Lead infrastructure hardening across compute, data, storage, network, and IAM.

- Implement end-to-end compliance guardrails, auditing, and continuous monitoring.

- Drive patching, vulnerability management, and threat exposure reduction.

3. Threat Detection & Incident Response :

- Develop runtime threat detection and alerting frameworks (SIEM/SOAR, IDS, CSPM).

- Conduct compromise assessments and respond to potential breaches with speed and clarity.

- Act as the primary escalation point for security incidents and lead root cause analysis.

- Continuously enhance detection logic using emerging threats from the AFC ecosystem.

4. Security Automation & DevSecOps :

- Integrate security tooling into CI/CD workflows (SAST, SCA, DAST, secrets scanning).

- Automate policies using IaC (Terraform/CloudFormation) and policy-as-code frameworks.

- Build automated remediation playbooks to reduce manual intervention.

5. Identity, Access & Secrets Management :

- Implement and govern IAM standards across cloud environments.

- Build least-privilege, zero-trust access frameworks.

- Maintain secure secrets management via Vault, KMS, or similar tooling.

6. Disaster Recovery & Business Continuity :

- Lead DR planning and execution with clear RTO/RPO targets.

OKRs :

- Achieve 99.9% secure and compliant uptime for all cloud infrastructure.

- Reduce high-risk vulnerabilities by 90% within the first 6 months.

- Implement full Cloud Security Monitoring & Alerting within 90 days.

- Shift-left security across CI/CD pipelines with 100% automated checks.

- Reduce mean time to detect (MTTD) and mean time to respond (MTTR) for security incidents by 50%.

Requirements :

Education :

- Required : Bachelors degree in Computer Science, Engineering, Cybersecurity, or equivalent.

- Preferred : Masters degree in Cybersecurity or Cloud Security.

Experience :

- 5 - 7 years in cloud engineering or cloud security roles.

- Proven hands-on experience securing cloud platforms AWS at scale.

- Experience in regulated or compliance-heavy environments (fintech, banking, regtech) preferred.

Technical Expertise :

- Strong understanding of cloud security frameworks (CIS, NIST, PCI-DSS).

- Expertise with IaC tools : Terraform, CloudFormation.

- Hands-on experience with Kubernetes security (EKS).

- Ability to detect, triage and prevent network-level vulnerabilities and misconfigurations in the cloud infrastructure.

- Hands-on with container security (Docker, Kubernetes, EKS/GKE).

- Experience with cloud-native security tools (GuardDuty, Security Hub, GCP SCC, Prisma, Wiz, etc.).

- Strong knowledge of monitoring & logging stacks (ELK, Prometheus, Grafana).

- Proficiency in Python, Go, or Java for security automation.