Decisions is a fast-growing, private-equity-backed technology company that provides an integrated workflow and rules platform for business process automation (BPA). Trusted by top Fortune 500 firms and SMBs worldwide, Decisions empowers diverse industries around the globe to streamline and improve their processes, enhancing efficiency and yielding results, regardless of technical expertise. This no-code automation platform seamlessly integrates AI tools, rules engines, and workflow management, enabling the transformation of customer experiences, modernization of legacy systems, and the achievement of automation goals three times faster than traditional software development.
The CloudOps Engineer is responsible for designing, implementing, and maintaining the cloud infrastructure of a SOC 2-compliant software company. This role focuses on securing cloud environments, ensuring high availability, optimizing network performance, and enforcing compliance controls in alignment with SOC 2 security principles.
Key Responsibilities
Network & Security Management
- Architect and maintain secure network configurations, including VPN gateways, firewalls, and zero-trust architectures.
- Configure and manage network segmentation, VPC peering, and load balancing to enhance security and efficiency.
- Implement cloud-native security controls such as Security Groups, IAM roles, and policy-based access controls.
- Monitor and enforce SOC 2 security frameworks, including encryption at rest and in transit, least privilege access, and secure authentication protocols.
- Conduct vulnerability assessments, apply patch management, and remediate security threats proactively.
- Inform and execute incident response playbooks and coordinate with compliance teams to handle security incidents.
Cloud Infrastructure & Operations
- Deploy and optimize cloud-based workloads with automation tools like Terraform, Pulumi, or CloudFormation.
- Maintain high availability and fault tolerance, implementing disaster recovery strategies for SOC 2 compliance.
- Optimize network traffic and latency using CDNs, DNS configurations, and edge computing solutions.
- Ensure continuous monitoring with SIEM tools (e.g., Splunk, Elastic Security) for network security analysis.
- Manage cloud logging and audit trails (AWS CloudTrail, Azure Monitor, Google Cloud Logging) to ensure compliance.
- Automate configuration management and deployment pipelines with DevOps practices.
Compliance & Risk Management
- Align cloud security policies with SOC 2 Trust Services Criteria: Security, Availability, Confidentiality, Processing Integrity, and Privacy.
- Conduct periodic compliance audits, risk assessments, and security awareness training for engineering teams.
- Implement role-based access controls (RBAC) and attribute-based access controls (ABAC).
- Maintain third-party vendor security assessments for cloud services used in the ecosystem.
- Work closely with compliance teams to document security controls, review policies, and ensure SOC 2 reporting standards are met.
Key Performance Indicators (KPIs)
- Network Uptime – Maintain 99.9% availability across cloud infrastructure.
- Incident Response Time – Detect and mitigate security threats within defined SLAs.
- Compliance Adherence – Maintain 100% alignment with SOC 2 security controls and audit requirements.
- Automation Efficiency – Increase infrastructure automation to reduce manual intervention by X%.
- Security Posture – Reduce unauthorized access incidents and misconfigurations through proactive security audits.
- Cost Optimization – Optimize cloud costs while maintaining performance and compliance standards.
Required Skills & Experience
- Strong expertise in cloud networking, security architecture, and SOC 2 governance.
- Hands-on experience with cloud platforms (AWS, Azure) and network security tools.
- Exposure to IaC (Terraform, CloudFormation) and CI/CD automation.
- Exposure to SIEM, SOC automation, and cloud-native security tools.
- Strong understanding of identity & access management (IAM) and zero-trust security models.
- Knowledge of container security (Kubernetes, Docker) and serverless security best practices.
Nice to Have Certifications
- Network+ and Security+
- AWS Certified Security – Specialty
- Microsoft Certified: Azure Security Engineer Associate
- Certified Cloud Security Professional (CCSP)
- Certified Information Systems Security Professional (CISSP)
- SOC 2 Compliance & Audit Certifications