We are:
The Security team, responsible for protecting company assets and customer’s data. We solve and mitigate complex security problems,
and deal with everything from implementing new solutions, monitoring, risk management, troubleshooting and responding. We aim to achieve our goals in creative and secure ways in a robust environment. We work working closely with R&D, DevOps, and IT teams to ensure our security standards are effective.
You will:
· Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis.
· Establish technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks, through the configuration.
· Analyze, escalate, and assist in remediation of information security incidents.
· Work with web application firewalls, manage Linux servers, and secure a cloud environment such as AWS or Azure.
· Document and automate security controls, data, reports and processes to provide better metrics and operational support.
· Work with internet facing environments such as front-end web servers.
· Understand complex technical issues and manage them in a fast-paced business environment.
You have:
· 5+ years’ experience in similar role in Information Security in a hybrid environment
· Basic knowledge of information security compliance standards and frameworks such a CIS and NIST
· Familiarity with common network protocols, solutions and technologies such as Firewalls, Proxy, VPN, Segmentation, NAC, etc.
· Strong understanding of Linux environment and Microsoft OS ecosystem.
· Advanced hands-on experience of configuring, maintaining, and troubleshooting security systems
· Experience with modern authentication authorization methods, including Active Directory or Group Policy Management and SSO techniques (such as SAML, Oauth, OpenID)
· Basic knowledge of Kubernetes and containers
· Background in data security including data classification, access control and monitoring as well as data at-rest protection technics and tools.
· Some coding experience using a scripting language such as Python, PowerShell, Bash etc.
It’s a bonus if you have:
· Security certifications like OSCP, CISSP, CEH or similar
· Deep understanding and technical knowledge in AWS or Azure cloud infrastructure from security perspective
· Familiarity with secure SDLC, ability to understand and communicate findings.
· SOC/Incident Response experience
· Penetration Testing experience
· SaaS management, monitoring and control
· Experience with end point security, including patch management solutions and vulnerability assessment tools from methodology, configuration and prioritization to reporting.