Segurança em Nuvem Jobs

I’m looking for a seasoned cybersecurity professional who can carry out a full-scale penetration test against my public-facing web application. My priority is threat assessment and mitigation, so the exercise must simulate real-world attack scenarios, uncover exploitable weaknesses, and give me a clear path to harden the platform. Scope You will conduct a comprehensive, OWASP-aligned assessment that includes manual exploitation techniques in addition to automated scans. I expect you to explore authentication, authorization, session management, input validation, business logic, and any server-side misconfigurations. Google platform for email/domain management and primarily cloud based tools. Tool choice is up to you—Burp Suite, OWASP ZAP, Kali Linux utilities, Metasploit, or...

Our SaaS platform is already live on AWS; the domain is pointed to Route 53 and the application stack is up and running. Before opening the doors to paying customers, I want a seasoned eye on the whole backend—especially the DNS and security layer—to be certain every control, record, and certificate is hardened and aligned with best practices. Core focus • DNS & security: verify Route 53 zones, A/AAAA/CNAME/TXT records, SPF, DKIM, DMARC, and implement or check AWS Certificate Manager-issued SSL across CloudFront/ALB. • Email deliverability: confirm SES (or preferred SMTP) is configured, run deliverability tests, and ensure no hidden blocks will hurt onboarding emails. • SEO & performance: register/validate the property in Google Search Console, gen...

CertEducation is an emerging certification training startup focused on helping college students gain globally recognized technology certifications. We are currently looking for an experienced AWS Trainer who can deliver structured training programs and guide students in preparing for AWS certification exams. The trainer will be responsible for delivering engaging training sessions, explaining AWS concepts clearly, and helping students successfully prepare for certification exams such as AWS Cloud Practitioner and AWS Associate-level certifications. This opportunity is ideal for professionals who have strong hands-on AWS experience and enjoy mentoring students. Key Responsibilities • Deliver instructor-led training sessions (onsite) • Teach AWS concepts in a clear and structured ...

Job Title: Senior Cloud Network Engineer Duration: 8 Hours Budget: ₹70K – ₹80K Start Date: Immediate Job Description We are seeking an experienced Senior Cloud Network Engineer to support and stabilize a highly cloud-driven infrastructure environment. This role is a critical backfill position, requiring a senior professional who can independently manage and optimize enterprise networking across AWS and Azure platforms. The environment is approximately 98% cloud-based, with the majority of networking operations focused on AWS (60%) and Azure (40%), along with minimal on-premise infrastructure. The engineer will play a key role in maintaining system stability and supporting upcoming infrastructure upgrades. Key Responsibilities Manage and optimize cloud networking infrastructure across...

Title: Cybersecurity Architect Needed to Secure Proprietary Trading System (Immediate Start) Project Overview We are currently building a proprietary automated trading infrastructure using Python and a brokerage API. We are hiring a developer tonight to begin building Phase 1 of the system, and we need a cybersecurity specialist to establish security controls and oversee the architecture before development progresses. The system will run on cloud infrastructure and connect to a brokerage API for live market data and order execution. Because this is proprietary technology, protecting our intellectual property and preventing backdoors or data exfiltration is critical. We are looking for someone experienced in cloud security, DevSecOps, and secure software architecture who can help esta...

I’m a mid-career cybersecurity professional and my LinkedIn presence isn’t doing me any favors. My goal is crystal-clear: I want recruiters at tech companies to find me, see immediate evidence of my value, and invite me to interview for full-time security roles. What I need from you • A high-impact headline and summary that sell my threat-hunting, incident-response, and governance strengths while weaving in the right keywords for LinkedIn’s search algorithm and typical ATS filters. • Re-crafted work-experience entries that highlight measurable accomplishments (e.g., vulnerability-remediation percentages, audit-pass rates, MTTR improvements) instead of task lists. • A refreshed Skills & Endorsements section that spotlights cloud security, secure...

I need an experienced security engineer to harden our multi-tenant SaaS product, prepare us for HIPAA and SOC 2 Type II audits, and stay on call for incident response. The stack runs primarily on AWS, Azure or GCP, with containerised workloads orchestrated by Kubernetes. Day-to-day you will probe our web apps and APIs with Burp Suite and OWASP ZAP, script automation in Bash, and guide the team as we fold security controls into an established Git-based CI/CD pipeline. Key objectives • Run a full penetration test against the platform, documenting exploitable findings against the OWASP Top 10 and cloud-specific misconfigurations. • Configure vulnerability scanning (Nessus, Snyk, Trivy) and wire SAST, DAST and dependency checks into our build pipelines. • Implement and v...

I’m ready to launch a production-grade web application on AWS and need the underlying infrastructure designed and built with security and high availability at its core. The workload will run on EC2, and general-purpose instances are fine; the focus is on a rock-solid architecture, not exotic hardware profiles. Here’s what I have in mind: a VPC with public and private subnets spread across at least two Availability Zones, an Application Load Balancer in front, Auto Scaling groups to keep capacity healthy, and tight security groups plus IAM roles that follow least-privilege rules. Logging to S3, monitoring and alerts through CloudWatch, and encrypted traffic everywhere (ACM certificates, HTTPS, TLS-enabled internal hops) are all must-haves. Wherever possible, I’d like the ...

I need someone who can jump into my Google Cloud Console and create a fresh API key for Vertex AI. The key must have Full access because it will power a third-party application that sits outside the Google ecosystem. Here’s what I expect: • A properly scoped, active API key that can call every Vertex AI endpoint required by the external app. • Any service-account or IAM tweaks completed so the key works immediately—no extra permission errors. • A quick note or screen-share walkthrough showing me where the key lives in the console and how to rotate or revoke it later. You should already be comfortable with Google Cloud Console, IAM roles, and Vertex AI service enablement so the process is smooth and secure.

1. JOB POST: Odoo SaaS Security Configuration – QMS User Roles (3‑Tier Access Model) Project Overview We are a small company based in the UK and use Odoo to manage our business. We have a requirement to add 3 users to the system in Odoo. See below. We need an experienced Odoo SaaS security specialist to design and configure a three‑level permission model that is clean, audit‑friendly, and fully compatible with SaaS limitations (no backend access, no custom modules, no Studio). Required Deliverable: 3‑Level QMS Security Model 1. QMS Read‑Only (External Auditors / Inspectors) - Read‑only access to QMS menus and documents. - No create/edit/delete. - No access to non‑QMS modules. - Must avoid Portal/Public menu leakage. - Must be safe for ISO/FDA/MHRA audits. 2. QMS Contributor (Inte...

We are a new SaaS startup looking for a rigorous security specialist to perform a **comprehensive end-to-end security audit**. Our mobile app (iOS & Android) is our core product and requires deep-dive scrutiny, while our landing pages and staff admin panel need a focused vulnerability assessment to ensure total ecosystem integrity. ### **The Scope of Work** We need more than a generic automated scan; we require a blend of manual penetration testing and structured configuration review. * **Mobile App (Deep Dive):** Comprehensive testing based on the **OWASP Mobile Application Security (MAS)** framework. This includes binary analysis, session management, local data storage security, and API communication. * **Web & Admin Panel:** Vulnerability assessment of the staff-facing das...