Senior Cloud Security Engineer

• Be the go-to security partner for Infrastructure & Corporate platforms (e.g., AWS, Kubernetes/EKS, Terraform/IaC, networking, identity, endpoints, Google Workspace), providing clear standards, patterns, and design guidance.
• Embed security into delivery by partnering with Infrastructure, Engineering, and Product Security (Donjon) to drive early detection and mitigation of vulnerabilities (shift-left + runtime controls).
• Design and implement secure architectures: threat modeling, security reviews, risk assessments, and security sign-off for infrastructure and platform changes.
• Build security automation and tooling:

• Integrate security checks into CI/CD (SAST, SCA, secrets scanning, IaC scanning, container/image scanning, policy-as-code).
• Enable continuous compliance and evidence collection where relevant (e.g., SOC2-oriented controls).

• Lead proactive security practices: vulnerability assessments, penetration testing (when relevant), Kubernetes and cloud posture reviews, and IaC code reviews with actionable remediation.
• Drive hardening and guardrails: secure configuration baselines, identity and access controls (least privilege), network segmentation, secrets management, logging/monitoring requirements, and standardized platform patterns.
• Support incident readiness and response for infra/corporate security events: detection coverage, triage playbooks, and post-incident improvements in collaboration with the Security Operation Team.
• Continuously evaluate and introduce security solutions to address gaps, with a focus on operational simplicity and measurable risk reduction., At Ledger, we are dedicated to continually investing in our employees which is why we offer more than just salaries; we provide comprehensive compensation packages that include a wide range of benefits. Here are some of the benefits you can look forward to:
• Flexible work options - Our hybrid policy allows employees to work from home up to 3 times per week
• Health & Wellness support - Health and Life Insurance.
• Financial growth opportunities - Employees can become shareholders in Ledger as well as other financial benefits depending on your country of work.
• Commuter allowance - Ledger offers a commuter allowance to contribute to your preferred means of transportation.
• Learning & Development - A comprehensive suite of training solutions providing a personalised learning experience for every employee.

• 10+ years of experience in information security, including a strong focus on infrastructure, cloud, and/or platform security.
• 6+ years of hands-on experience in DevSecOps, automation, and cloud-native security (CI/CD, IaC, containers/Kubernetes).
• Strong technical proficiency with:

• Linux/Unix, Git, scripting (Python preferred)
• Terraform / Infrastructure-as-Code
• Kubernetes (ideally EKS) and container security
• AWS architectures and security controls (IAM, networking, logging, key management, posture management)
• CI/CD systems and engineering workflows (GitHub/GitLab, etc.)

• Proven ability to define standards and influence engineering decisions across teams (guidelines, reference architectures, secure patterns).
• Solid experience deploying and operating security tooling (scanners, policy engines, detection/monitoring, vulnerability management), and working with incident response processes.
• Excellent written and verbal communication skills, able to produce clear technical guidance and drive alignment across stakeholders.
• Comfortable operating autonomously, handling ambiguity, and staying effective under pressure.

About Ledger We're a team of experts pushing the limits of what's possible, united by our common goal to unlock true freedom through digital ownership, making technology accessible for all. We believe in a world where users, creators and enterprises manage their value with ownership and freedom. Our curiosity drives us to innovate, empowering individuals on a global scale. We believe change is constant and our team moves forward as one, with a culture of problem-solving where every employee is empowered and supported to challenge tradition and create solutions. Our mission is simple: to make self-custody accessible and give people the keys to their own financial futures. If you want to make a true impact, we want you to join us at Ledger. At Ledger, we're proud to be the global platform for digital assets and Web3, with over 20% of the world's crypto assets secured through our Ledger devices. With our headquarters in Paris, and offices in Vierzon, Grenoble, Montpellier, London, Portland, Geneva, Zurich and Central Singapore, we have a team of around 600 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets - including the Ledger hardware wallets line with more than 7.5 millions units already sold in 200 countries. The team: You will join Ledger's Cyber Security team as a senior hands-on security engineer focused on Infrastructure & Corporate Security. What you'll be doing: Your mission is to raise the security baseline of Ledger's cloud and corporate platforms by defining pragmatic security guidelines for Infrastructure teams, designing and implementing secure-by-default architectures, and delivering automation that makes security continuous (CI/CD, IaC, detection, hardening, and guardrails). Ledger operates at the forefront of Web3 and hardware wallet security. We are looking for a highly technical, autonomous, and impact-driven engineer who can operate in a fast-moving environment, influence technical decisions, and become a trusted reference across teams on infrastructure and corporate security topics.