Cloud Security Analyst in Quinta de Portugal, Castelo Branco at Jobgether

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cloud Security Analyst in Portugal.

Join a globally distributed technology team dedicated to building secure, scalable, and reliable cloud-based products used by customers around the world. In this role, you will play a key part in protecting cloud infrastructure, applications, and sensitive data while supporting security initiatives across engineering, operations, and business functions. You'll work with modern cloud technologies, security frameworks, and compliance standards to strengthen security posture and enable innovation at scale. This position offers the opportunity to collaborate with cross-functional teams, influence security best practices, and contribute to a security-first culture in a remote-first environment. If you are passionate about cloud security, application protection, and risk management, this role provides the chance to make a meaningful impact on a rapidly evolving technology platform.

• Design, implement, and maintain cloud security controls across infrastructure, applications, and development environments.
• Secure cloud-native application stacks throughout their lifecycle, from software development through deployment and operations.
• Integrate security practices into CI/CD pipelines, including static analysis, dynamic testing, dependency scanning, secrets management, and infrastructure-as-code security controls.
• Manage and enforce Identity and Access Management (IAM) policies using least-privilege principles across cloud environments.
• Implement and maintain container and Kubernetes security solutions, including image scanning, runtime protection, and policy enforcement.
• Monitor cloud environments for threats, vulnerabilities, and suspicious activity, investigating and responding to security alerts as needed.
• Conduct vulnerability assessments, penetration testing activities, and remediation initiatives in partnership with engineering teams.
• Support security incident response, forensic investigations, and continuous improvement of security runbooks and response procedures.
• Develop and maintain security documentation, standards, policies, and operational procedures.
• Collaborate with internal stakeholders to support compliance initiatives, security audits, customer security assessments, and risk management activities.

• 5+ years of experience in cloud security, application security, cybersecurity, or a related field.
• Strong hands-on experience securing cloud-based applications and infrastructure throughout the software development lifecycle.
• Deep knowledge of AWS security services and cloud-native security architecture principles.
• Solid understanding of software development practices, secure coding concepts, and common application vulnerabilities such as the OWASP Top 10.
• Experience integrating security controls into DevOps and CI/CD workflows, including SAST, DAST, SCA, secrets scanning, and IaC security testing.
• Practical experience securing containerized environments and Kubernetes platforms.
• Strong knowledge of IAM concepts, access controls, and identity security best practices.
• Familiarity with compliance and regulatory frameworks such as PCI DSS, GDPR, SOC 2, or equivalent standards.
• Excellent communication, collaboration, and stakeholder management skills with the ability to influence security initiatives across technical and non-technical teams.
• Strong analytical thinking, risk assessment capabilities, and problem-solving skills.
• Bachelor's degree in Information Security, Computer Science, Information Technology, or a related discipline.
• Experience with security automation, scripting, infrastructure as code, or cloud security orchestration is considered a plus.
• Relevant certifications such as AWS Certified Security – Specialty, AWS Solutions Architect, CCSP, CompTIA Security+, or Cloud+ are advantageous.

• Fully remote-first work environment with the flexibility to work from anywhere within eligible regions.
• Competitive compensation package.
• Generous paid time off aligned with local labor regulations.
• Monthly Wellness Fridays, providing an extended weekend every month.
• Fully paid parental leave.
• Home office stipend to support a productive remote workspace.
• Access to professional development programs, training resources, and continuous learning opportunities.
• Leadership development, upskilling initiatives, and knowledge-sharing programs.
• Opportunity to work on innovative cloud, cybersecurity, and AI-driven technologies.
• International, collaborative, and inclusive workplace culture.
• Exposure to global teams and diverse technical challenges.
• Meaningful ownership and the ability to contribute directly to product security and customer trust.