Senior Security Engineer – Cloud & DevSecOps - Santiago

The Company: 

Capital Markets Gateway (CMG) is a financial technology firm that is modernizing the equity capital markets (ECM).CMG connects investors and underwriters via a neutral platform that delivers integrated ECM data and analytics, transparency, and workflow efficiencies. Providing a digital system of record for firm-wide deal activity, CMG helps clients make more timely, better-informed decisions.

Launched in 2017 by a team of ECM practitioners, the CMG platform is currently relied upon by nearly 100 buy side firms representing $20 trillion in AUM and 15 investment banks. CMG’s goal is to alleviate pain points resulting from disparate solutions, fragmented data, and frenzied communication. CMG’s DataLab product solves for data analytics, while CMG’s XC platform establishes connectivity between buy- and sell-side firms.

Position Overview:

CMG is seeking a proactive and highly skilled Senior Security Engineer focused on Cloud & DevSecOps to drive and elevate the security posture across our cloud infrastructure, applications, and DevOps practices. This role merges the responsibilities of securing cloud environments and integrating security into development pipelines, ensuring the safety of both infrastructure and application code. The successful candidate will collaborate closely with various teams, including Security, DevOps, and Engineering, to identify risks, implement security controls, and continuously improve security processes. This is a hands-on role focused on cloud security architecture, application security, and security automation.

Key Responsibilities:

• Design, implement, and evolve cloud security architecture strategies and frameworks across multi-cloud platforms (i.e., Azure and either AWS/GCP).
• Conduct risk assessments and secure cloud environments using Infrastructure as Code (IaC) tools like Terraform, ensuring compliance with security standards and policies.
• Partner with DevOps on cloud security initiatives, including network security, data protection, secure configurations, and encryption.
• Ensure cloud-native services are secured, such as identity management, storage, and compute resources, while ensuring adherence to regulatory and industry standards.

• Integrate security best practices into the Software Development Life Cycle (SDLC), focusing on secure coding, dependency management, and continuous vulnerability scanning for languages such as .NET, JavaScript, and Python.
• Collaborate with development teams to establish security standards and enforce secure coding practices.
• Implement and maintain API security standards, including authentication, encryption, and secrets management.
• Ensure containerized applications are secured deployed via Kubernetes, managing both image security and runtime security risks.
• Perform threat modeling and risk assessments for both new and existing applications.
• Implement and maintain any required security audit trails and/or integrations into security monitoring apparatus

• Develop policy-as-code frameworks and automate security testing in CI/CD pipelines using tools like GitHub Actions, ensuring security is continuously enforced during deployments.
• Monitor, assess, and mitigate vulnerabilities in cloud infrastructure, application environments, and containers through regular scans and risk assessments.
• Drive the adoption of security automation tools to streamline secure deployments, enforce security policies, and manage cloud configurations.
• Support security compliance initiatives, including SOC2, ensuring cloud infrastructure and applications meet regulatory standards.

• Mentor engineers and cross-functional teams, advocating for security best practices across cloud, infrastructure, and applications.
• Serve as the subject matter expert in security architecture areas such as identity management, encryption, data loss prevention (DLP), and cloud service security.
• Develop and maintain security documentation, policies, and procedures for cloud, application, and DevOps environments.
• Stay informed on emerging threats and security technologies, driving continuous improvement and innovation in cloud and application security.

• 7+ years of hands-on experience in information security, with a strong focus on cloud and application security.
• 4+ years of experience securing cloud platforms (Azure preferred, AWS, GCP), including deep expertise with cloud-native security tools and Infrastructure as Code (Terraform).
• Proven track record securing application environments and integrating security into DevOps practices.
• Strong understanding of API security, encryption, and secrets management in distributed cloud environments.
• Hands-on experience with automation tools like Terraform and Ansible, and security-focused CI/CD pipelines.
• Expertise in securing containerized environments (Docker, Kubernetes) and addressing vulnerabilities in container images and dependencies.
• Strong knowledge of cryptography, key management, and data protection best practices.

• CloudPlatforms: Azure (preferred), GCP, AWS
• Infrastructure-as-Code (IaC): Terraform
• Languages: .NET, JavaScript, Python, Bash, Powershell
• Containers: Docker, Kubernetes
• CI/CD Tools: GitHub
• Database: PostgreSQL
• Secrets Management: Key Vault
• Operating Systems: Linux, Windows, MacOS

• Strong ownership and initiative, with the ability to work independently in a fast-paced environment.
• Excellent multitasking and prioritization skills, capable of handling complex, concurrent tasks.
• Passion for security innovation, staying ahead of emerging threats, and continuously improving security processes.
• Detail-oriented, ensuring thorough tracking of issues and resolutions.

• We innovate with purpose 
• We focus on outcomes vs. output 
• We believe diverse and inclusive teams fuel innovation 
• We are humble yet candid 
• We do right by the customer 

• 15 days of vacation
• Gym membership contribution
• Language courses
• Tech courses and conferences
• Top-of-the-line MacBook
• Potential trips to the USA
• Company team-building events
• Flexible working hours and the possibility to work from home

We celebrate diversity and are committed to creating an inclusive work environment. CMG is an equal-opportunity employer.