**Octus** Octus is a leading global provider of credit intelligence, data, and analytics. Since 2013, tens of thousands of professionals across hedge fund, investment banking, management consulting, and law firm verticals have come to rely on Octus to make better, faster, and more confident decisions in pace with the fast-moving credit markets. **Working at Octus** Octus hires growth-minded innovators and trailblazers across the globe to drive our business and culture. Our core values - Action Oriented, Customer First Mindset, Effective Team Players, and Driven to Excel - define an organizational ethos that's as high-performing as it is human. Among other perks, Octus employees enjoy competitive health benefits, matched 401k and pension plans, PTO, generous parental leave, gym subsidies, educational reimbursements for career development, recognition programs, pet-friendly offices (US only), and much more. **Role** **Responsibilities**: - **Secure Software Development**: Champion security throughout the entire software development lifecycle (SDLC). Conduct threat modeling, perform code analysis (SAST), and integrate security tools into CI/CD pipelines to identify and remediate vulnerabilities early. - **Cloud Security Architecture**: Collaborate with DevOps to enhance and maintain the security of our existing cloud environment (AWS, Azure, GCP). Continuously identify opportunities to strengthen security controls across infrastructure, platforms, and services—covering network, container, and serverless technologies. Provide input and guidance to shape future cloud security designs and best practices. - **Security Automation & Orchestration**: Develop and deploy automation scripts, tools, and workflows to streamline security operations. Automate incident response, threat hunting, compliance checks, and remediation processes. - **Data Protection & Encryption**: Implement and manage data protection controls, including data loss prevention (DLP) and encryption. Manage key management services (KMS) to secure data at rest and in transit. - **Security Monitoring & Incident Response Engineering**: Implement and fine-tune security monitoring tools (SIEM, CSPM) to detect and alert on security incidents. Develop and maintain automated incident response playbooks to enable rapid mitigation of threats. **Requirements**: - **Education**: Bachelor's or Master's degree in Information Security, Computer Science, or a related field, or equivalent professional experience. - **Technical Skills**: - Hands-on experience with security tools such as SAST, DAST, IAST, and CSPM. - Proven experience securing cloud platforms (AWS, Azure, or GCP) and their native security services. - Proficiency in one or more programming/scripting languages (e.g., Python, Go, Java, JavaScript). - **Frameworks & Compliance**: Experience implementing and auditing technical controls for security frameworks such as SOC 2, NIST, and ISO 27001. - **Certifications (preferred)**: Relevant security certifications are a strong plus (e.g., CCSK, CCSP, CSSLP, GWAPT, or cloud-specific security certs). - **Soft Skills**: Strong analytical and problem-solving skills, with the ability to communicate complex technical concepts to a variety of audiences. **Equal Employment Opportunity** Octus is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, pregnancy, veteran status, or any other legally protected status. We strive to create an inclusive and diverse work environment where all individuals are valued, respected, and treated fairly. We believe that diversity enriches our workplace and enhances our ability to innovate and succeed.