Fortunate Media
Fortunate Media

Security Operations Engineer

TLDR

Own day-to-day security operations across corporate and cloud environments, build and harden IAM, VPN, device management, and AWS security with a clear path to broader ownership.

Role overview

  • You'll own the day-to-day security operations of our corporate and cloud environments: hands-on, execution-focused work securing the tools, endpoints and infrastructure our teams rely on.
  • You'll implement and maintain our security posture across our productivity suite, device fleet, VPN and identity stack and cloud environment.
  • This is a build-and-harden role for someone who likes getting into the weeds. As you grow into it, there's a clear path toward owning the security function more broadly.

What you'll do

Corporate & endpoint security

  • Administer and harden our identity and access stack, including password management and VPN/network-access tooling.
  • Configure and enforce device policies through mobile device management - disk encryption, screen-lock, patching baselines, app control and compliance rules across the fleet.
  • Manage endpoint protection and keep patching and vulnerability remediation on a predictable cadence.
  • Harden our productivity and collaboration suite: access controls, 2FA/MFA enforcement, admin roles and data-sharing/DLP settings.
  • Own onboarding/offboarding from a security angle - provisioning, de-provisioning and access reviews.

Cloud security

  • Harden our AWS environment: IAM policies and least-privilege access, account and organisation guardrails, security groups and network segmentation.
  • Implement and monitor logging and detection
  • Manage secrets, key management and encryption at rest and in transit.
  • Review infrastructure changes for security impact and work with engineering to close gaps.

Testing & assurance

  • Run internal and continuous security testing: vulnerability scanning, configuration audits and attack-surface reviews.
  • Conduct hands-on internal penetration testing against our own systems where appropriate.
  • Scope, coordinate and manage external penetration-test vendors for formal independent assessments, then track and drive remediation of findings.
  • Maintain security documentation, run tabletop exercises and support our compliance and audit obligations.

What we're looking for

  • Proven hands-on experience in security operations, IT security or cloud security engineering - someone who has actually configured MDM, hardened AWS, and administered identity tooling, not just written policy about it.
  • Solid working knowledge of Cloud security services and cloud hardening.
  • Comfortable across at least one MDM platform, a VPN/ZTNA solution and a password-management tool.
  • Practical familiarity with vulnerability scanning and penetration-testing tools and methodologies.
  • Scripting ability (Python, Bash or similar) for automation.
  • A methodical, ownership-driven mindset - you close loops and document as you go.

What we offer


    • Semi remote-friendly setup with flexibility built around outcomes and business priorities.
    • Strong ownership culture: you’ll ship meaningful systems and keep improving them after launch - no “throw it over the wall.”
    • Education budget for courses, certifications, conferences, and learning resources.
    • Team lunch once per week (on us).
    • Monthly gym allowance.
    • Private health insurance.
    • Collaborative environment: you’ll work closely with technical and non-technical stakeholders and with clear communication.


Contact us to apply


If you are a proactive and motivated individual who thrives in a fast-paced environment, we invite you to apply


Benefits

Equity Compensation

Strong ownership culture: you’ll ship meaningful systems and keep improving them after launch - no “throw it over the wall.”

Health Insurance

Private health insurance.

Learning Budget

Education budget for courses, certifications, conferences, and learning resources.

collaborative environment

Collaborative environment: you’ll work closely with technical and non-technical stakeholders and with clear communication.

Paid Time Off

Team lunch once per week (on us).

Remote-Friendly

Semi remote-friendly setup with flexibility built around outcomes and business priorities.

Wellness Stipend

Monthly gym allowance.

Apply for this job

Pro members saw this job first

New jobs unlock for everyone after 24 hours. Startup Jobs Pro shows them right away, with instant alerts and salary filters. From $7/month.

Get Pro