Cloud Security Engineer
Daon, is an innovator in developing and deploying biometric authentication and identity assurance solutions worldwide. Daon has pioneered methods for securely and conveniently combining biometric and identity capabilities in multiple channels with large-scale deployments that span payments verification, digital banking, and securing borders and critical infrastructure. Daon’s solutions provide our customers with choice, making it easier and safer for people to conduct business online, travel, vote, and so much more. Daon’s IdentityX® Platform for mobile biometric authentication removes friction from the authentication process while dramatically reducing fraud to previously unattainable levels. IdentityX allows businesses to conduct transactions with any consumer at any time with total confidence. Get to know us on Twitter, Instagram and LinkedIn.
The Part You will Play – Role Summary:
As the Lead Cloud Security Engineer, you will be supporting Cloud Services Team in the development of security controls, mentoring others in technical security concepts and ensuring secure cloud practices are followed. You will play a meaningful role in maintaining the controls that enable our organization to operate expertly, cost effectively, and within compliance standards. You will also assist others in interpreting, understanding, and applying information security policies and standards to mitigate information security risks. You will develop positive partnerships and work closely with other members of the Information Security and Legal Compliance teams in a coordinated and focused manner.
Essential Functions & Role Responsibilities:
- Support cloud certification activities, system hardening, vulnerability testing, and scanning.
- Continuously evaluate Daon’s cloud security practices, help to define, standardize, and measure security-related activities, and demonstrate concrete improvements to our security posture.
- Monitor systems for security incidents and vulnerabilities. This includes developing monitoring and visibility capabilities as well as reporting on incidents, vulnerabilities and trends.
- Respond to information system security incidents, including the investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches.
Critical Success Factors - Knowledge & Experience:
- Experience in applying OWASP tools and techniques in the context of cloud hosted services including hands-on experience in performing vulnerability scanning and penetration testing
- Experience with secure configuration best practices and the hardening of critical Linux systems
- Experience with web application security and the use of technologies such as load balancers and reverse proxies
- A thorough understanding of network topologies and design regarding security best practices such as defense in depth and least privilege
- Comfortable using the Linux/UNIX command line interface
- Basic scripting abilities in Bash (Mandatory) and Python (Desirable)
- Experience of AWS and its various services (EC2, RDS, VPC, EKS, S3, Route53, KMS and IAM etc) from the perspective of security testing, audit and compliance
- A deep understanding of common network protocols and services (TLS, DNS, HTTP, SSH, SMTP)
- Experience with enforcing security best practices in containerized deployments (Ideally ECS and/or Kubernetes)
- Familiarity in SCM usage (Git preferred)
- Experience in preparing for, and participating in, external security audits such as ISO 27001, SOC 2 and HIPAA etc.
- Experience in liaising with external penetration testing and vulnerability assessment providers.
Critical Success Factors – Personal Traits & Characteristics:
- Excellent written, verbal, and interpersonal communication skills
- Problem solving skills to solve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity
Education, Training & Experience Required:
- Bachelor's degree or equivalent work experience; Advanced degree preferred.
- Five (5) years of experience with AWS, network security, and system security
- Certifications in CISSP, CISM, CEH, etc, or AWS Certified Security
- Flexible work environment
- Hybrid approach - work from home or office
- Modern new office in the city center in Belgrade
- Working hub in the center of Novi Sad
- Health & Wellness
- Full-covered medical insurance for you and your family
- Fitpass Card
- Company-sponsored life insurance
- Learning & Development
- An opportunity to work with the latest tech stack within the growing world of biometric and identity
- Support in personal skills development through internal and external education
- Great Culture
- Organized Sport&Social Club and company events
- Supportive and friendly people
- International working environment
- Possibility to travel abroad and much more!
- Qualified applicants will be invited to schedule a 30-minute introductory call with our HR Business Partner
- Candidates selected for 2nd round interview will then be invited to a series of practical interviews with members of the technical teams
- Successful candidates will be selected and contacted with an offer to join our team
Come join the team that is changing the way biometrics and identity authentication operate globally!