Cloud Security Engineer

About Us:
Founded in 2018, headquartered in Johannesburg, and backed by leading investors including Pantera Capital, Coinbase Ventures and Fidelity’s F-Prime Capital, VALR is a global crypto exchange offering a comprehensive suite of products—including Spot Trading, Spot Margin, Perpetual Futures, Staking, Lending, Borrowing, OTC services, VALR Invest, Crypto Bundles, and VALR Pay. Licensed by South Africa’s FSCA, with regulatory approval in Europe, VALR serves over 1.7 million registered users and 2,000 corporate and institutional clients worldwide. The exchange is dedicated to advancing a just financial future that upholds human dignity and the unity of mankind. For more information, visit valr.com.

Our Vision:
To establish VALR as a global institution that advances the economic life of human civilisation through a borderless, inclusive, and empowering financial ecosystem.

Our Mission:
To contribute towards a global financial system that upholds justice, fosters human dignity, and reflects the oneness of humanity, by serving the financial needs of individuals, communities, and institutions through innovative financial technologies.

• 5+ years of experience in Cloud Security Engineering, Infrastructure Security, or Cloud Architecture roles.
• Extensive hands-on experience with public cloud providers, especially Google Cloud Platform (GCP) and/or Amazon Web Services (AWS).
• Deep understanding of cloud-native security models, shared responsibility, and zero-trust principles.
• Proficient in identity and access management (IAM), role-based access controls, KMS, encryption, and secrets management in cloud environments.
• Skilled in Infrastructure-as-Code (IaC) using Terraform, with the ability to review and secure IaC pipelines.
• Familiarity with container orchestration security (e.g. Kubernetes, GKE, EKS) and microservices environments.
• Strong experience with cloud security monitoring, intrusion detection systems (IDS), threat modeling, and SIEM integration.
• Proficient in scripting (e.g., Python, Bash) for automation and security tooling.
• Experience in integrating security controls into CI/CD pipelines and DevSecOps workflows.
• Knowledge of frameworks and standards such as CIS Benchmarks, NIST, ISO/IEC 27001, and SOC 2.
• Working knowledge of compliance requirements related to crypto, financial services, or regulated industries.
• Familiarity with vulnerability scanning tools (e.g., Prisma Cloud, Tenable, Wiz, etc.) and runtime protection solutions.
• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related technical field (preferred but not required).
• Professional certifications such as GCP Professional Cloud Security Engineer, AWS Security Specialty, CISSP, or CISM are a plus.

In addition, the following functional competencies are required:

• Cloud Security Architecture: Design and maintain secure-by-default architecture for all cloud-native systems and infrastructure.
• Threat Detection & Response: Implement, tune, and monitor detection systems to identify and mitigate potential cloud threats in real time.
• Infrastructure as Code Review: Secure cloud resource provisioning through IaC and build security policies into CI/CD.
• Access Control & Identity Management: Define, audit, and maintain strong least-privilege access across services and user roles.
• DevSecOps Integration: Embed security checks into deployment workflows to catch misconfigurations and vulnerabilities early.
• Incident Preparedness: Collaborate on incident response plans, forensics, and post-incident reviews relating to cloud systems.
• Security Automation: Design automated remediation and hardening tools to ensure scalable enforcement of security policies.

• Architect and implement secure infrastructure across VALR’s cloud environments (primarily GCP), balancing agility with risk mitigation.
• Collaborate with engineering and DevOps teams to integrate security practices into cloud services, build pipelines, and runtime environments.
• Continuously monitor and improve infrastructure security posture using cloud-native tools, third-party scanning platforms, and SIEM integrations.
• Own and maintain IAM frameworks, managing service accounts, user roles, and access policies to enforce least privilege.
• Identify, assess, and remediate security misconfigurations in compute, storage, networking, and serverless environments.
• Conduct threat modeling and risk assessments for cloud infrastructure changes and deployments.
• Review and secure Infrastructure-as-Code (Terraform) templates, cloud init scripts, and related automation artifacts.
• Manage encryption standards, key lifecycle management, and secure storage across all sensitive workloads.
• Contribute to the definition and implementation of secure deployment workflows and container security standards.
• Support incident detection, response, and root cause analysis for cloud infrastructure-related security events.
• Ensure alignment with compliance, privacy, and security frameworks applicable to crypto exchanges and financial services.
• Support regular vulnerability assessments and assist in prioritising fixes based on business impact and exploitability.
• Develop and maintain cloud security policies, guidelines, and playbooks that evolve with VALR’s growing global operations.
• Stay ahead of cloud security trends, vulnerabilities, and attack vectors — translating insights into actionable improvements.

• Innovative Work Environment
  • Engage with the latest blockchain technologies and tools in a rapidly evolving industry.
  • Work from anywhere with secure, stable internet connectivity, allowing you to create your ideal workspace.
• Career Development
  • Benefit from an annual professional development allowance alongside scheduled company training sessions to keep you at the forefront of the crypto industry.
• Competitive Compensation
  • Competitive salaries that align with industry standards.
  • When you contribute to our success, you’ll be rewarded with discretionary bonuses, recognising your impact on VALR’s growth.
  • Receive preferential Tier 5 trading fees on VALR, with no monthly trading volume required.
• Diversity and Inclusion
  • A commitment to fostering a diverse workforce with initiatives that promote equity and belonging.
• Wellness
  • Employees are encouraged to strive for coherent and wholesome lives, fulfilling their work, personal, social, physical and spiritual goals to the best of their abilities.
  • Compliance with statutory leave required by individual countries, in addition to flexible leave options.
  • Enjoy lunch on us when working from our Johannesburg Head Office, one of the ways we support wellbeing and connection in the workplace.
• Impact and Contribution
  • At VALR, we believe in a financial system that recognises the oneness of humanity. Our mission is to break down financial barriers and promote universal values of courage, ethical integrity, and the intrinsic worth of every individual.
  • Engage in initiatives that promote education and awareness about cryptocurrencies, ensuring that everyone has the tools and knowledge to participate in the evolving financial landscape.
• Dynamic Team Culture
  • Open communication and teamwork across departments, fostering innovation and creativity.
  • Enjoy social gatherings outside of work to strengthen team bonds and boost morale.
• Global Exposure
  • Work with colleagues from around the world.
  • Exposure to diverse perspectives and practices in the crypto space.
• Recognition and Rewards
  • Regular acknowledgement of employee accomplishments, fostering a culture of appreciation and motivation.
  • Join us for retreats that blend professional development with team bonding in inspiring locations.
• Tools for Success
  • Receive a Mac laptop and a discretionary allowance to purchase all the extras needed for a productive home office—yours to keep after three years (terms and conditions apply).