We are growing and seeking a Security Engineer to join our expanding security team. As a Security Operations Engineer, your role involves configuring and monitoring security tools specific to cloud environments, conducting security assessments, and ensuring compliance with best practices for cloud security.
Responsibilities:
- Implement and configure vulnerability management tools for cloud infrastructure, conducting regular scans and assessments to identify security weaknesses.
- Collaborate with development and operations teams to integrate vulnerability management into CI/CD pipelines.
- Conduct regular reviews and updates of security group policies, IAM configurations, security groups, NACLs, and other security controls to maintain an optimal security posture.
- Respond to and mitigate security incidents, conduct root cause analysis, and implement corrective actions to prevent future incidents.
- Participate in security assessments aimed at identifying and mitigating potential vulnerabilities arising from changes in services infrastructure or the software development lifecycle.
- Assist with security monitoring tasks and contribute to the development and enhancement of our SIEM system.
Requirements:
- A Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
- Experience with Amazon Web Services, and vulnerability management tools.
- Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
- An understanding of incident management processes and procedures.
- Familiarity with common security frameworks and standards (OWASP, ISO 27001, NIST).
- Awareness of various cyber threats, their tactics, and techniques.
Nice to have:
- Familiarity with containerization technologies such as Docker or Kubernetes.
- Familiarity with IaC approach and CI/CD tools like Jenkins, GitLab, and Terraform.
- Familiarity with security configurations and hardening techniques for various server operating systems.
- Knowledge of common web application vulnerabilities (e.g., SQL injection, Cross-Site Scripting) and methods to mitigate them.
What we offer:
- A real opportunity for professional growth and self-improvement in a team of professionals
- Comprehensive medical insurance for each employee
- Challenging and exciting tasks, and all the needed tools to achieve them
- 22 days of vacation, 10 sick leave, 5 days off
- Ability to focus on your work — lack of bureaucracy and micromanagement
We would be happy to see you in our team!