Konfirmity
Website:
konfirmity.com
Job details:
Cloud Engineer — keep customers' infrastructure secure, automate the toil away, and use AI to move faster.
About Konfirmity
Konfirmity is a managed security and compliance company based in North Sydney. We do security-driven compliance — which means we don't sell dashboards and walk away. We embed with our clients' teams and do the actual work: writing Terraform, running DR drills, hardening cloud environments, and enforcing the controls that audits depend on. The philosophy is simple: start with what's broken, then automate it, then scale it.
We work with founders and engineering leaders selling into enterprise, where getting security right is what closes the deal — not just what keeps the auditors happy. If you've ever rolled your eyes at compliance theater (policy libraries no one reads, tools bought before anyone understood the problem), you'll fit in here.
About the role
We're looking for a Cloud Engineer who can own cloud infrastructure, work directly with customers to keep their environments secure, and use AI tools to move faster across whatever the work demands. This isn't a pure backend or pure ops role — it sits at the intersection of infrastructure, security, and customer engagement. You'll harden real systems, talk to real customers, and have a genuine security mindset baked into how you build.
Our primary stack is AWS, with occasional work on Azure and GCP. You'll be hands-on with CI/CD, security, networking, and databases — and you'll talk to customers regularly, sometimes to secure their setup, sometimes to guide them through ours.
What you'll do
- Design, build, and maintain CI/CD pipelines and deployment workflows, primarily on AWS, with occasional projects on Azure and GCP.
- Manage cloud infrastructure as code, monitor production systems, and respond to incidents.
- Implement and enforce security best practices across infrastructure, pipelines, and application layers — including secrets management, IAM, vulnerability scanning, and compliance controls.
- Harden customer cloud environments and help them meet the security bar their own customers and auditors demand.
- Administer and tune databases (PostgreSQL), and troubleshoot networking across VPCs, load balancers, DNS, and service meshes.
- Work directly with customers — onboarding, technical discovery, troubleshooting, and architecture conversations, often with a security lens.
- Use AI tools (coding assistants, agents, LLM-based automation) to accelerate your own work, and step in to apply AI to adjacent problems when the team needs it — internal tooling, data tasks, customer-facing prototypes, whatever's useful.
- Code in Python and TypeScript on a daily basis.
What we're looking for
- 2–5 years of hands-on DevOps, SRE, cloud, or cloud security engineering experience.
- Strong AWS experience (EC2, S3, IAM, VPC, RDS, Lambda, ECS/EKS, CloudWatch, etc.); working familiarity with Azure and/or GCP.
- Solid CI/CD experience with tools like GitHub Actions or CodeBuild.
- Infrastructure-as-code proficiency — Terraform, CloudFormation, or similar.
- Containerization and orchestration: Docker required.
- A real security mindset: least-privilege IAM, secrets management (Vault, AWS Secrets Manager), SAST/DAST tooling, and threat modeling.
- Working knowledge of databases (PostgreSQL) — schema design, query tuning, backup/restore.
- Solid networking fundamentals: TCP/IP, DNS, HTTP/S, TLS, VPNs, firewalls, routing, load balancing.
- Scripting in Python and Bash.
- Comfortable using AI tools (Claude, ChatGPT, Copilot, Cursor, agents) as part of daily work — and curious about applying them beyond just coding.
- Strong written and verbal communication — you'll be in async channels and customer conversations regularly.
Nice to have
- Experience with observability stacks (Prometheus, Grafana, Datadog, ELK).
- Hands-on exposure to compliance frameworks (SOC 2, ISO 27001, HIPAA) — we live in these, so even a working familiarity goes a long way.
- Experience working in or alongside a SOC, or with CSPM / cloud security posture tooling.
How we work
- We value engineers who can think across the stack and aren't precious about role boundaries. If a problem needs solving and you can use tools to solve it faster, we'd rather you did that than wait for someone else. Security isn't a separate team here — it's how we build. You'll get real ownership, real customer exposure, and the room to automate yourself out of the boring parts.
Click on Apply to know more.