Key skills
AWSCloudGoIAMCollaboration
About this role
Role Overview
- Be the internal security lead on our Greenfield Product with full access to source code, cloud infrastructure, and configurations.
- Ensure the product is enterprise-ready before customers go near it.
- Work alongside the Greenfield Product hardening squad for collaboration.
- Act as day-to-day counterpart to external security and pen test partners.
- Build and implement controls, not writing recommendations for others to action.
- Own AWS security posture including account structure, IAM, RBAC, logging, and monitoring.
- Manage SOC 2 Type II controls and evidence for the Greenfield Product on AWS.
- Handle application-level hardening including authentication, API rate limiting, web security headers, etc.
- Manage penetration test engagements with external firms, triaging findings, and closing them rapidly.
- Put automated processes in place for continuous security validation.
- Ensure data residency requirements are met for US and UK law firm customers.
Requirements
- Deep, hands-on security engineering experience, building and implementing controls, not just advising
- Strong AWS security knowledge: IAM, account structure, Well-Architected Framework, CloudTrail, GuardDuty, Config, Security Hub
- Driven a real SOC 2 Type II engagement: controls, evidence collection, and audit preparation, not just policy documentation
- Application security experience: auth, RBAC, common web vulnerabilities, ability to implement fixes directly in code and config
- Managed external pen test engagements: scoping, triaging findings, and closing them
- Comfortable working at pace with minimal hand-holding in a small, senior team
- Available immediately or within days, not weeks.
Tech Stack
- AWS
- Cloud
Benefits
- Security is everyone’s responsibility at Orbital. We ask all team members to follow our security policies, complete regular awareness training, and handle sensitive data with care in line with ISO 27001 standards.
- At Orbital, we’re committed to building a diverse and inclusive team. We especially welcome applications from people who are traditionally underrepresented in tech. Even if you don’t meet every single requirement, or if the right role isn’t listed yet, we’d still love to hear from you.