KIVORK is an international IT company specializing in the travel and transport industries. We are looking for highly-qualified and result-oriented professionals ready to challenge themselves and upgrade their skills. Join us for creative projects and ambitious plans which have in common!
26 вересня 2022

Application Security Engineer / Cybersecurity Architect (Senior) (вакансія неактивна)

віддалено

KIVORK is an international IT product company. We work together to design and create products that we are proud of for the people we believe in. Become an integral part of a diverse KIVORK team, where our employees come first.

KIVORK is an international IT product company. We work together to design and create products that we are proud of for the people we believe in. Become an integral part of a diverse KIVORK team, where our employees come first.

Requirements

  • Experience in implementing DevSecOps / Secure SDLC
  • Deep knowledge in GDPR, PCI DSS, OWASP SAMM, BSIMM, ISO27001, SOC2
  • Knowledge of AWS cloud platform security and automated testing tools
  • Experience with SAST/DAST, SCA, Elasticsearch, WAF, NGFW, EDR, and DLP tools
  • Knowledge of risk assessment tools, technologies, and methods
  • Experience in designing secure networks, systems, and application architectures
  • Knowledge of disaster recovery and business impact analysis
  • Familiarity with planning, researching, and developing security policies and procedures
  • Experience in system administration, supporting multiple platforms and applications
  • Strong personal ethic, discretion, and good interpersonal skills

What you will do

  • Ensuring the security of sensitive data
  • Identify and recommend changes to the security controls, assess potential risks to data and products, and provide recommendations on mitigation of these risks to acceptable levels
  • Application security, code review, architecture reviews, experience with DevSecOps tools, integration DevSecOps methodology for the organisation’s products
  • Perform cloud environment security assessments and hardening
  • Developing practices and templates for security risk assessment and threat modeling
  • Ensure operations are in compliance with security standards CIS, NIST, SOC2, OWASP
  • Analysis of the use of third-party and open source software, libraries, and components
  • Conducting cybersecurity training for employees
  • Advising teams on various security-related issues
  • Suggest tools and techniques to achieve security goals

What we offer

  • Interesting and promising projects
  • Motivating salary
  • Comfortable office downtown
  • Work in a friendly team
  • Job stability and great opportunities for professional growth