Lohika Official web site: www.lohika.com.ua Lohika is the IT software development company specializing in product innovation and engineering services for cutting-edge technology companies. Founded in 2001, we have grown to 1000+ Software Engineers and 6 development offices all over Ukraine (Kyiv, Lviv, Rivne and Odesa).
12 июля 2019

Security Engineer for Lohika (вакансия неактивна)


Lohika company provides premium software engineering services to leading technology companies. Our customers usually range from startup to high growth and VC backed companies, which drives a culture of acceleration and innovation. We are sure that team extension is the only engagement model which works best.

• Checking of Information Security compliance in the clauses signed in the contracts with customers and issuing compliance statement outlining risks, vulnerabilities and types of security measures
• Work closely with Account management teams to avoid any business impact with the customers
• Monitoring, analysis and response to the events, alerts from information security systems
• Control the vulnerability management, process and track its results
• Support of access rights matrix across the organization and perform their periodic revalidation
• Participate in local Information Security incidents response, helps EM to produce a proper fix, works on improvement of security procedures with IT to distribute this fix to the rest of organization
• Analyze and approve of internal requests, initiatives, advise on information security issues and problems
• Projects security compliance reports
• Responses to the events, alerts
• Vulnerability management
• Access rights matrix
• Cooperation with IT team and Lohika stakeholders
• Network and architecture recommendations

• An Expert with at least 3+ years of experience in Information Security
• Education: University degree
• BE/Btech/MCA, certifications in information security area will be much appreciated
• IT security principles, practices, terminology and trends
• Experience in tuning, rules creation, maintenance of SIEM, IPS, firewalls, antimalware and antispam systems, content filtering and other information security platforms
• Network and endpoints infrastructure technologies (protocols, routing, NAT, segmentation, VLAN, VPN, remote connection, wi-fi, domain services, GPO, Windows/MacOS/Linux/virtualization platforms) and security mechanisms (NAC, 802.1x, port security, acl, local firewall, app and device control, encryption, hardening)
• Rules of incidents response and evidence collection
• Access management (password policy, RBAC, SRP)
• Vulnerability management systems or services, pentesting approaches, patch management
• Web and e-mail security
• Intermediate English is mandatory.

• Project management
• Experience with ISO 27001 or other information security standards
• Legislation, regulations in the information security area
• Experience in TI, DLP, MFA, SSO, LAPS, WAF, ddos protection, DB management
• Cryptography principles, approaches, algorithms, means, key management
• Information security forensic approaches and tools

• Friendly and highly professional teams
• Flexible working hours with no overtime
• Regular performance reviews
• Internal training
• Comfortable office facilities (kitchens, gym, sports activities, yoga, lounge rooms, coffee machines, etc.)
• Christmas holidays (31st December —7th January) and state holidays
• Fully paid English classes (twice per week) with own English teachers and native speakers
• Premium Medical insurance (medication, massage, and doctor in the office, etc.)
• Paid sick-leaves
• Life insurance
• 20 working days of annual paid vacation
• Incentives (marriage, childbirth)
• Corporate events (corporate parties and sports competitions)

And much more!

Please send your CV or contact us with more questions!