Cloud Security Engineer

Описание вакансии

About MoonPay

Hi, we’re MoonPay. We’re here to onboard the world to the decentralized economy by making digital money move as universally and effortlessly as the internet.

Why?

Because crypto, stablecoins and blockchain aren’t just technologies. They’re tools for global financial empowerment. They give people and businesses more control over their money, their digital assets, and their future, opening access to legacy financial systems that have been out of reach for many.

What we do

MoonPay is a unified payments platform for digital currency. We make it easy for anyone, anywhere, to buy, sell, swap and pay in digital currencies as easy as sending an email. That simplicity is intentional, our focus is reducing complexity so people can participate confidently, without needing to be crypto experts. We power the entire flow between fiat and crypto end to end, with compliance, identity checks, fraud prevention, and settlement all built in. This end-to-end approach reflects how we work internally: with accountability, rigor, and trust built into everything we ship.

Proven at scale

Trusted by over 30 million customers and over 500 ecosystem partners, our secure, enterprise-grade platform is driving mainstream crypto adoption worldwide. Behind those numbers are millions of real people and organizations relying on MoonPay every day.

We collaborate with innovative brands and projects to build secure, scalable solutions for a blockchain-powered future. This is an opportunity to help shape systems, not just scale them. And we’re committed to doing it right. Fully licensed in the U.S. and regulated across the UK, EU, Canada, and Australia, because trust and compliance are non-negotiable.

But we’re just getting started. We’ve launched a consumer app that makes crypto accessible, intuitive, and usable for everyone, and it’s growing fast. We’re iterating every day to make it the best it can be.

If you believe financial freedom should be for everyone. If you believe in building a fairer, more open financial system - we want you with us. To build systems that benefit all, we need contributions from all, regardless of background.

Come build the future of payments and the decentralized economy with MoonPay. Let’s make financial freedom and autonomy the new normal.

Locations Supported 🌍

• US

Relocation available: No

Work pattern:

• This role will be remote/hybrid

About the Opportunity

Our Security Team is a dynamic blend of proactive defenders and inquisitive problem-solvers. We're dedicated to fortifying our cloud infrastructure (GCP and AWS) through rigorous security reviews, threat modeling, and automated controls. We actively manage our cloud security posture, ensuring swift response and remediation to identified risks. We leverage cutting-edge tools like DataDog for cloud security monitoring and Terraformfor secure Infrastructure as Code. Collaboration is key, as we embed security best practices throughout the infrastructure lifecycle. We are constantly researching emerging cloud threats, crafting effective mitigation strategies, and empowering our engineering teams with comprehensive training. We maintain up-to-date cloud security standards, baseline, implement Just-in-Time (JIT) access controls, and will establish and lead our cloud incident management process.

What You Will Do

• Perform Threat Modelling of architectural infrastructure changes and new cloud infrastructure and Kubernetes deployments in GCP and AWS.
• Design, implement, and manage robust security controls and configurations for our GCP and AWS environments.
• Develop and maintain secure Infrastructure as Code (IaC) using Terraform and tools.
• Implement, manage, and enhance Cloud Security monitoring using DataDog, including alert configuration, response procedures and not just rely on out of box (OOTB) rules
• Implement and manage Just-in-Time (JIT) access solutions for elevated privilege access to cloud resources.
• Establish and manage the cloud incident management process and program, including leading incident response activities for cloud security events.
• Collaborate with infrastructure and development teams to integrate cloud security best practices throughout the infrastructure lifecycle.
• Research and evaluate emerging cloud security threats and vulnerabilities, and develop effective mitigation strategies.
• Develop and deliver cloud security training and awareness programs to engineering and relevant teams.
• Contribute to the development and maintenance of cloud security standards, policies, and documentation, ensuring they are up-to-date.
• Manage the future of our cloud security posture, driving continuous improvement and strategic initiatives.
• Accurately document cloud security configurations, processes, and knowledge, and effectively disseminate this information to other teams.
• Conduct vulnerability assessments and drive remediation for cloud infrastructure.
• Support requirements and evidence requested from auditors, compliance and regulators

About You

Must-have experience and skills

• You have extensive experience in Cloud Security, with deep expertise in GCP and AWS.
• You possess a strong understanding of Threat Modelling principles and their application to cloud infrastructure and architectural designs.
• You have hands-on experience with cloud security tools and technologies, including DataDog for security monitoring and Terraform for Infrastructure as Code.
• You have proven experience in designing, implementing, and managing cloud security controls and configurations.
• You have experience with Identity and Access Management (IAM) in cloud environments, including the implementation and management of Just-in-Time (JIT) access solutions.
• You have a proven ability to establish and manage incident response programs specifically for cloud environments.
• Proficiency in scripting or programming languages relevant to cloud automation and security (e.g., JavaScript, Python, Go, or similar) is a plus.
• You are comfortable explaining technical security concepts, vulnerabilities, and effective mitigations to diverse audiences.
• You are self-motivated, can work independently and effectively in a remote setting while maintaining a team-focused mindset.
• You are highly skilled in documenting security processes and configurations and effectively sharing knowledge with other teams.

Nice-to-have experience

• You have a good understanding of cryptography and its applications in cloud security.
• You contribute to the security community (e.g., open source projects, conference talks, CTFs).

Bonus Points

• Relevant security certifications (e.g., GCP Professional Cloud Security Engineer, AWS Certified Security - Specialty, SANS) are a plus but not required.
• Your background experience includes working in a disruptive technology environment, ideally within FinTech, SaaS, or Crypto.

BLOCK Values

We’re looking for people who live our core values, those who strive for excellence and want to leave a lasting legacy on the global financial system. Our values:

B - Be Hungry

L - Level Up

O - Own It

C - Crypto Curious

K - Kaizen

Research has shown that women are less likely than men to apply for this role if they do not have experience in 100% of these areas. Please know that this list is indicative, and that we would still love to hear from you even if you feel that you are only a 75% match. Skills can be learnt, diversity cannot.

Benefits & Perks 💡

💰Competitive salary package

🤝 Equity package: We believe financial freedom starts with our employees, so all employees have ownership at MoonPay

📈 Pay for performance equity bonus: Those who drive outsized outcomes receive outsized rewards

🚀 Moonshot award. We honor exceptional impact - 10 employees twice a year, each earning a $250,000 equity grant.

🏝 Unlimited holidays: We give you the autonomy to choose when to work (and when to switch off)

🌍 Hybrid working schedule: Work fully remotely or your nearest Moonbase, the choice is yours

🩺 Private Healthcare benefits: To protect you and your loved ones

🍼 Enhanced parental leave: So you can spend more time with your loved ones without a second thought

📚 Annual training budget: We support your training journey every step of the way

🪑 Home office setup allowance: Create the home office of your dreams

👛 Remote working allowance: Those working fully remotely get a little extra for utilities

💰 Monthly budget to spend on our products and zero fee crypto transactions: Cultivate your inner DEGEN

💰 Employee referral programme: Great people know great people, refer them to receive 10K in USDC

✈️ Regular remote company offsites: Meet your colleagues regularly for high impact in person sessions and hackathons

🚀 Working in a disruptive and fast-growing company where excellence is rewarded

Commitment To Diversity

At MoonPay we believe that every voice matters. We strive to create a mindful and respectful environment where everyone can bring their authentic self to work, and experience a culture that is free of harassment, racism, and discrimination. That’s why we are committed to diversity and inclusion in the workplace and are a proud equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other characteristic protected by law. This policy applies to all employment practices within our organization, including, but not limited to, hiring, recruiting, promotion, termination, layoff, and leave of absence.

MoonPay is also committed to providing reasonable accommodations in our job application procedures for qualified individuals with disabilities. Please inform our Talent Team if you need any assistance completing any forms or to otherwise participate in the application process.