Freelance Infrastructure Security Engineer

TeamWe are seeking Freelance Infrastructure Security Engineer with extensive experience in securing cloud environments, particularly AWS. This pivotal role will focus on managing and optimizing the security of our cloud infrastructure to safeguard against evolving threats and ensure compliance with industry best practices and regulatory requirements.As a Freelance Infrastructure Security Engineer, you will oversee multi-account AWS architectures, automate security processes, and secure cloud infrastructure, workloads, and network resources. You will drive security improvements, implement proactive risk mitigation strategies, and ensure continuous compliance through automation and monitoring.The ideal candidate will have a solid foundation in security architecture, Site Reliability Engineering (SRE), and DevOps principles, with a proven track record of delivering secure, scalable solutions in cloud environments.Your ResponsibilitiesManage and secure a multi-account AWS architecture, applying security controls and best practices across multiple AWS accounts and environments.Manage cloud identities to ensure secure, compliant, and least-privileged access for users and service accounts, minimizing security risks.Secure applications and network infrastructure to prevent malicious traffic, mitigate potential attacks, and protect the network perimeter.Implement security guardrails and policies, and automate tasks such as monitoring, compliance checks, patch management, and remediation processes to enhance operational efficiency and eliminate misconfigurations.Work with CWP, CSPM and CIEM tools to implement and manage centralized security operations, streamline compliance processes, and enhance visibility across the infrastructure.Monitor Cloud infrastructure to identify vulnerabilities and misconfigurations, ensuring proactive security controls, early detection of risks, and timely patch installation and configurations to remediate vulnerabilities.Harden host and container operating systems by adhering to security benchmarks and industry best practices to ensure robust security.Secure Kubernetes clusters, containerized environments, and workloads following best practices for container security and runtime protection.Integrate SIEM systems to onboard logs for centralized logging, real-time threat detection, and improved incident response.Conduct periodic reviews and monitor networks, analyze logs, and assess systems to prevent unauthorized use, protect critical information, and ensure service availability.Assist with compliance audits by preparing documentation and providing the necessary evidence.Review engineering proposals, offer feedback, and suggest improvements to enhance security and operational efficiency.Go beyond compliance to implement the latest security tools and techniques that improve the security posture of the organization. Identify opportunities to reduce infrastructure costs, propose innovative solutions, and suggest areas for improvement. Contribute to defining the roadmap, setting priorities, and aligning with OKRs.Your Profile5+ years of experience securing cloud infrastructures (preferably AWS), managing multi-account architectures, and designing and implementing security systems to mitigate risks and ensure compliance.Relevant certifications, such as AWS Certified Security – Specialty, are a plus.Hands-on experience with AWS security services such as CloudTrail, GuardDuty, IAM, Config, WAF, Shield, Inspector and KMS.Strong foundation in security architecture, Linux systems, identity and access management (IAM), and network security.Strong expertise in Kubernetes and container security, including runtime protection and OS hardening.Experience in vulnerability management, incident response, and compliance enforcement through automation.Experience in administering SIEM (Security Information and Event Management) systems, such as Splunk.Proficiency in Infrastructure as Code (IaC) and configuration management tools such as Terraform, Ansible, and Packer, along with programming languages (e.g., Python) to automate security tasks.Passionate about security, enjoys challenges, and keeps up-to-date with emerging threats and security technologies.Understanding of EU regulations and compliance standards, such as GDPR, ISO/IEC 27001, DORA, and other relevant frameworks for data protection, security, and operational resilience, is a plus.Knowledge of DevOps/SRE principles and integrating security into CI/CD workflows.About usRaisin is the trailblazer in the savings and investment space. Founded in 2012, the fintech company started by opening the $95+ trillion deposits and investments market of the European Union, the United Kingdom and the United States to consumers.Today, Raisin serves more than one million customers in these three markets, offering savings products as well as investment and pension products. This makes the Berlin-based fintech one of the leading global savings and investments marketplaces. Savers get a wider choice of attractive products with the ability to move their money freely. In addition, financial service providers get best-in-class marketplace solutions for their customers, and banks get better access to retail funding.Raisin operates its own B2C marketplaces in Europe and the U.S. In Germany, the company offers ETF-based investment and retirement products in addition to savings products. Raisin works with over 400 banks and financial service providers from over 30 countriesWe are backed by renowned international investors such as b2venture, Deutsche Bank, Goldman Sachs, Greycroft, Headline, Index Ventures, Latitude Ventures, Orange Ventures, PayPal Ventures, Top Tier Capital Partners, Ribbit Capital, Vitruvian Partners and M&G.At Raisin, we care about each other and it is one of our top priorities to foster an open and caring environment in which everyone feels welcome and comfortable. Our culture is strongly driven by our ambitious team, which connects more than 75 different nationalities.In total, we have 8 offices across the world: Berlin, Frankfurt, Hamburg, Madrid, Manchester, Munich, New York and Salt Lake City.We also think it’s important to take the time to celebrate our hard work and achievements together, with events like our yearly summer and winter party, as well as a couple of smaller get-togethers.We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or gender identity.