Startup Jobs
Post a Job
Xapo

Principal Cloud Security Engineer (Remote - Work from Anywhere)

Remote

TLDR

Join a proactive security team to secure cloud-native infrastructure across AWS and GCP, driving security-first initiatives and promoting best practices for a global digital banking platform.

Work from anywhere, impact everywhere 

Diversity is at the heart of who we are at Xapo Bank. We’re a fully distributed team of over 130 Xapiens that work remotely from 30+ countries around the world. 

Our beginning: A world that enjoys economic freedom and wealth protection, no matter where you live or who is running your country.

To achieve that, we search the world for the best people for the job. We work hard, think globally, and inspire each other to learn and grow. We are committed to changing the way things are done.

 

Although we are headquartered in Gibraltar, this is a full time, 100% remote position 
Work from anywhere!

Position overview

We are looking for a seasoned and proactive Principal Cloud Security Engineer to join our security team. In this role, you will be responsible for securing our cloud-native infrastructure and services across AWS, GCP, and other environments that power our global digital banking and crypto platform.

As a Cloud Security Engineer, you will play a critical role in designing, implementing, and maintaining security controls that safeguard the confidentiality, integrity, and availability of our systems. You’ll collaborate with engineering, Platform, and product teams to ensure our cloud operations are resilient, compliant, and security-first by design.

We're looking for someone who brings strong technical expertise, a builder’s mindset, and the ability to work independently on complex problems. If you thrive in a fast-paced, globally distributed environment, and enjoy working at the intersection of infrastructure and security, this is the role for you.


Responsibilities

  • Architect, implement, and maintain cloud security controls across AWS and GCP to protect our infrastructure, applications, and data.
  • Take full ownership of security projects, driving them from initial concept through development, testing, and deployment.
  • Review, write and deploy  infrastructure-as-code (IaC) security solutions using Terraform.
  • Continuously assess cloud environments using Cloud Security Posture Management (CSPM) platforms like Wiz.
  • Support monitoring, detection, and response for cloud threats by integrating with tools such as AWS GuardDuty, Security Hub, and GCP Security Command Center.
  • Participate actively in incident response and forensic analysis for cloud-related security events.
  • Collaborate with cross-functional teams to perform threat modeling and secure architecture reviews for new services and infrastructure changes.
  • Help reinforce a security-first culture by sharing best practices and participating in awareness initiatives.

Skills needed

  • 5+ years of experience in cloud security engineering, DevSecOps, or related infrastructure security roles. with demonstrable expertise in securing cloud environments (especially AWS and/or GCP).
  • Strong hands-on experience with securing AWS and/or GCP environments (IAM, VPCs, workload protection, encryption, etc.).
  • Proficiency in Terraform, with a focus on building and enforcing secure cloud infrastructure.
  • Solid experience with cloud-native security tools and CSPM solutions like Wiz, Prisma Cloud, or Orca Security.
  • Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO) and their practical application in cloud environments.
  • Familiarity with container security concepts.
  • Solid grasp of DevSecOps principles, with proven experience integrating security into CI/CD pipelines and operational processes.
  • Excellent problem-solving abilities, with a proactive mindset and the capability to adapt to new challenges in dynamic environments.
  • Relevant certifications are a plus, such as: AWS Certified Solutions Architect, AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, Other recognized cloud security certifications.

Other requirements

  • A dedicated workspace.
  • A reliable internet connection with the fastest speed possible in your area.
  • Alignment with Our Values and the Xapo Values-Driven Leadership principles.

Why work for Xapo?

IMPACT GLOBALLY, WORK REMOTELY.

  • Shape the Future: Improve lives through cutting-edge technology, work 100% remotely from anywhere in the world.
  • Great work-life balance: Build amazing things with a balance of autonomy and collaborative teamwork. Set your own work schedule and make use of a flexible PTO plan when you need to recharge. 
  • Expect Excellence: Collaborate, learn, and grow with a high-performance team. Learn how you learn best - from books to conferences, you’ll get a yearly budget for your individual learning and development goals.

At Xapo, we prioritize consumer protection and adhere to regulatory requirements by ensuring that all Xapiens are accountable for upholding principles of fair treatment, transparency, and ethical conduct in their interactions with customers and stakeholders.

 Xapo

Xapo Bank is a fully regulated private bank based in Gibraltar that connects crypto assets with traditional finance, offering an innovative app for secure transactions and wealth building. Targeting users who seek economic freedom and wealth protection, Xapo stands out with its commitment to delivering a seamless experience that integrates the benefits of cryptocurrency into everyday banking.

Website LinkedIn
View all jobs
Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Cloud Security Engineer Q&A's
Report this job
Apply for this job