Montoux is the leading Actuarial Automation platform specifically designed for life and health insurers. Our cloud-based platform offers a scalable, high-performance compute engine, sophisticated model-building capabilities, and a beautiful, modern web-based user interface that enables insurers to leverage cutting-edge technology and new data sources to improve commercial results and optimize actuarial resources.

Our customers include several of the world’s leading insurance providers across North America, Europe and Asia Pacific, and the company has been listed on both the Insurtech100 and AIFintech100 lists as one of the most innovative tech companies in the world. We have recently signed a multi-year strategic collaboration agreement with AWS that combines our unique platform capabilities and domain knowledge with the considerable technology strength and customer reach of AWS. You can find out more about us here

We offer a fun and refreshing alternative to traditional corporate work environments. You will be part of a growing, talented, and supportive team where your ideas are genuinely valued. You will work together on developing  innovative new products and capabilities for our platform, with many opportunities to learn, contribute, and make a real impact on Montoux’s success. If you'd like to find out more about our culture, you can read through our Culture Handbook. 

We are looking for a technical infrastructure engineer who is passionate about security. You will create, improve, and maintain security controls, infrastructure, and processes that help us safeguard the sensitive information we store and process in our high performance cloud infrastructure on behalf of our customers. You will work closely with our small team of engineers, product managers, and CTO to implement security controls and processes to help us establish and maintain compliance with security frameworks such as SOC 2 and HIPAA, and foster a security-minded culture.

Responsibilities 

• Work alongside other engineers to help design and implement new infrastructure projects
• Contribute to developing, improving and maintaining our internal services, such as our git repository, CI pipelines, logging dashboards, security systems, and device management platforms
• Identify and help mitigate security risks and vulnerabilities related to our platform and internal tools and systems
• Implement new and update existing technical security controls and processes to establish and maintain compliance with leading security frameworks such as SOC 2.
• Contribute to implementation and maintenance of monitoring and alerting systems for security monitoring, platform health and performance, and other logging, using systems such as Splunk, Grafana, Prometheus, Loki, and CrowdStrike
• Contribute to creation of runbooks and other documentation related to infrastructure and security
• Identify and suggest ways to improve reliability, efficiency, and security of our software, systems, and engineering processes
• Contribute to raising awareness of secure programming practices (e.g. the OWASP Top Ten) within the engineering team, and IT security awareness across Montoux
• Help answer customer IT security questionnaires

Requirements

• A minimum of 5 years of experience working in cloud security, site-reliability engineering, or system engineering
• Experience with Amazon Web Services
• Experience with orchestration and provisioning tools, including Terraform and Ansible
• Experience with infrastructure vulnerability scanning, vulnerability management and patch management
• Knowledge of Linux and AWS and common hardening practices, such as CIS benchmarks or the AWS Well Architected Framework
• Experience using log analysis platforms such as Splunk, Grafana, Prometheus, Loki, etc
• Technical knowledge of systems in a multi-tenant cloud environment
• Capability to build working relationships with key stakeholders
• A passion for educating others on security practices would be ideal