🛠 Tech Stack

💼 About This Role

You'll own both the hands-on technical security stack and governance/compliance programs at Bureau, a unified risk decisioning platform. You'll harden cloud and container infrastructure, run vulnerability management and incident response, and maintain ISMS supporting audits. This blended role avoids pure GRC or pure blue-team silos.

🎯 What You'll Do

• Harden and monitor AWS/EKS cloud and container infrastructure
• Run vulnerability management, security tooling, and incident response
• Maintain ISMS and support audits (ISO 27001, SOC 2, RBI, DPDP)

📋 Requirements

• 2-4 years of experience in security engineering, cloud security, or GRC
• Good understanding of security engineering fundamentals (Linux, networking, IAM, encryption)
• Comfortable with cloud platforms (AWS preferred) and their security services
• Familiarity with core frameworks (ISO 27001, SOC 2, basic risk management)

✨ Nice to Have

• Cloud security certifications (e.g., AWS Security, Cloud Practitioner)
• ISO 27001 Lead Auditor/Implementer or CompTIA Security+
• Experience with EDR/XDR, CSPM/CNAPP, SIEM, WAF, container security

🎁 Benefits & Perks

• 💰 Competitive salary with potential equity
• 🏖️ Flexible time off (performance over hours)
• 🚀 High ownership and fast-paced culture