Cloud Security Engineer

About us

Gogolook is a leading TrustTech company established in 2012. With "Build for Trust" as its core value, it aims to create an AI- and data-driven global anti-fraud network as well as Risk Management as a Service. From multi-communication to fintech, and SaaS, Gogolook creates trustworthy empowerment with the use of technology in various fields.

A founding member of the Global Anti-Scam Alliance (GASA), Gogolook has also teamed up with a number of institutes such as the Taiwan National Police Agency Criminal Investigation Bureau, the Financial Supervisory Service of South Korea, Thai Royal Police, the Fukuoka city government, the Philippines Cybercrime Investigation and Coordinating Center, and the Royal Malaysia Police and state government to fight fraud and ultimately, to build a trustworthy communication network with the largest number database in East Asia and Southeast Asia. In July 2023, TrustTech provider Gogolook completed its IPO listing on the Taiwan Innovation Board (TIB) of the Taiwan Stock Exchange (TWSE), under the ticker number 6902.

Why you should join Gogolook

1. Influential products: What we make are meaningful products that create values for society and defend against frauds.

2. Emphasize self-growth: We encourage technical community activities, subsidize tickets for conferences and workshops so that learning is continuously supported by the company.

3. Unleash your talent: We respect the professional opinions of everyone, encourage team members to discuss with each other, and make awesome products together.

4. Transparent culture: We publicly share the company's information to all, every member can read and feedback, and become a part of participating in the proposal.

We are seeking an experienced and passionate Cloud Security Engineer to join our team. As a Cloud Security Engineer, you will be

responsible for designing, implementing, and maintaining cloud security architecture to ensure our cloud infrastructure and applications adhere to security standards and can withstand various cyber threats.

Key Responsibilities:

1. Cloud Security Architecture Design and Implementation:

- Design and implement secure cloud infrastructure, including but not limited to AWS, Azure, or GCP.

- Develop and enforce cloud security policies and best practices.

2. Security Monitoring and Management:

- Monitor and manage security incidents and abnormal activities within the cloud environment.

- Utilize automation tools and scripts to enhance security operations efficiency.

3. Vulnerability Management:

- Conduct regular security assessments and vulnerability scans, and remediate identified security issues.

- Manage and maintain security patches and updates in cloud services.

4. Identity and Access Management:

- Design and manage identity and access control mechanisms in cloud platforms to ensure only authorized

users can access sensitive resources.

- Implement multi-factor authentication (MFA) and other advanced authentication techniques.

5. Data Protection and Compliance:

- Ensure data protection within the cloud environment complies with company policies and regulatory requirements.

- Assist in completing compliance audits and risk assessments.

6. Disaster Recovery and Business Continuity:

- Develop and test disaster recovery plans to ensure quick recovery of business operations in the event of a

major security incident.

- Participate in the development and implementation of business continuity plans.

7. Security Awareness Training:

- Provide cloud security training for team members and other employees to enhance overall security awareness.

Requirements:

1. Bachelor’s degree in Computer Science, Information Security, or a related field; a Master’s degree is preferred.

2. At least 3-5 years of experience in cloud security-related work.

3. Familiarity with security features and best practices of major cloud platforms (e.g., AWS, Azure, GCP).

4. Knowledge and experience in network security, application security, data protection, and compliance.

5. Proficiency in using cloud security tools and technologies such as IAM, VPC, encryption, SIEM, etc.

6. Excellent problem-solving and analytical skills, capable of quickly responding to and handling security incidents.

7. Good communication skills, able to effectively communicate with technical teams and non-technical personnel.

Preferred Qualifications:

1. Experience with automation and scripting (e.g., Python, Shell).

2. Familiarity with DevSecOps and related tools and processes.

3. Participation in open-source security projects or community activities.

4. Relevant security certifications (e.g., CISSP, CCSP, AWS Certified Security Specialty) are preferred.