Technical Director of Cloud Security
Working to solve our climate crisis is the most important mission of our time, and the most exciting problem to be working on. Overstory’s mission is to help solve our climate crisis by providing real-time intelligence about the planet’s vegetation. In our first step toward this mission, we are applying machine learning to satellite imagery to track forests and vegetation, helping to reduce the risk of wildfires and power outages.
We have already proven our business model and we’re all united behind our ambitious vision to scale up this model to help humanity and the planet. We recently raised a round of funding, led by Convective Capital. Other investors include: B Capital Group, Moxxie Ventures, Capital T, Pale Blue Dot and many other climate-focused investors.
If you want to have a real impact and solve some of the world's most complex challenges with advanced technology, come work with our talented and passionate team. Overstory is based in Amsterdam but we are a remote-first company, with people living all over the U.S. and Europe.
About the role
At Overstory, we are seeking a dynamic and experienced Director of Cloud Security to play a critical role in safeguarding our cutting-edge technologies in a fast-paced AI startup. This unique position combines hands-on DevOps/SecOps work with leadership responsibilities, offering an exciting opportunity to make a significant impact. As the Director of Cloud Security, you will oversee the design and implementation of cybersecurity strategies, drive innovation in cloud security practices, and ensure the resilience of our operations. Ideally, you’re in a time zone +/- 1 hour from CET.
In this role, you will have a split between hands-on technical work and leadership responsibilities. Your key responsibilities will include:
- Develop and implement comprehensive cloud security strategies, policies, and procedures to safeguard our cloud infrastructure and data assets.
- Collaborate with DevOps and engineering teams to integrate security into the software development lifecycle (SDLC) and cloud deployment processes.
- Implement and manage security controls and tools, including identity and access management (IAM), encryption, network security, and intrusion detection and prevention systems.
- Monitor and analyze cloud security logs and alerts, investigate security incidents, and coordinate incident response efforts.
- Conduct regular vulnerability assessments and penetration testing, and oversee the remediation of identified vulnerabilities.
- Ensure compliance with industry standards and regulations (e.g., GDPR, HIPAA) by establishing and maintaining appropriate security controls.
- Stay up-to-date with the latest security threats, vulnerabilities, and best practices, and recommend enhancements to our security infrastructure and processes.
- Collaborate with external auditors and partners to ensure security requirements (ISO 27001, SOC2) are met and maintain successful security-related partnerships.
- Provide technical guidance and support to the organization on cloud security and SecOps matters.
- Lead and contribute to security awareness and training initiatives for employees, supporting colleagues across Overstory to build a security mindset.
We're seeking a highly skilled individual who possesses a special blend of technical expertise and leadership capabilities. The ideal candidate will have:
- Proven experience in cloud security and SecOps roles, with a strong focus on cloud infrastructure and operations.
- In-depth knowledge of cloud platforms such as AWS, Azure, or Google Cloud, and their security services and controls.
- Solid understanding of security principles, industry standards, frameworks (e.g., NIST, ISO), and compliance requirements.
- Experience with security operations tools and technologies, such as SIEM, IDS/IPS, WAF, vulnerability scanners, and log management systems.
- Proficiency in scripting and automation using languages such as Python or Bash, as well as configuration tools like Terraform
- Familiarity with DevOps practices and tools, including CI/CD pipelines, infrastructure-as-code, and containerization.
- Strong analytical and problem-solving skills, with the ability to quickly identify and mitigate security risks.
- Excellent communication and collaboration skills, with the ability to work effectively with technical and non-technical stakeholders.
- Relevant certifications such as CISSP, CCSP, AWS Certified Security - Specialty, or Certified Ethical Hacker (CEH) are preferred.
- Experience managing/leading small teams of technical colleagues in a remote-first environment.
- Contributions to the cybersecurity community, such as publications, speaking engagements, or active participation in industry forums.
What you get
- To be part of truly mission-driven work that reduces wildfires, protects earth’s natural resources and helps solve our climate crisis.
- Flexible working environment with a lot of autonomy. We build our work days around our lives, not the other way around.
- Other benefits like a remote working budget, an educational budget and time to develop new skills.
- To be surrounded by an excellent, vibrant, smart team who have each other's back and believe in a culture of openness, tolerance and respect.
- Equity and a competitive salary.
About our team
We are a group of 43 people from all over the world. Twelve nationalities are represented in our team. We work remotely from eight different countries and occasionally (optionally!) meet up for in-person collaboration.
Diversity & Inclusion
We place enormous value on diversity and inclusion and strive to continually bring in people of all genders, races, creeds, ethnicities, abilities and backgrounds. We believe that the best ideas emerge when people with different perspectives and approaches work together on a problem.
We’re always looking to diversify our team further, but we’re proud of the fact that four out of the eight people on our leadership team are female or non-white males, 40% of the overall team are female and 25% of the team are people of color. Our team speaks ten languages: English, Dutch, French, German, Italian, Portuguese, Russian, Luxembourgish, Indonesian and Cantonese.
Tackling the climate crisis is our greatest mission.
We act with urgency.
Our curiosity fuels our growth.
We recognize that change is constant, and we find joy and power in exploration.
We’re rooted in diversity.
Just as ecosystems need biodiversity to thrive, our resiliency comes from our differences.
We care for each other.
We love the power of machines but we nurture each other as humans.
Trust is fundamental.
We assume the best in everyone, and we share ideas openly so that we have a positive impact.