Information Security Engineer

Overview

We are setting up a new DevSecOps team to work on a cloud-centric product. The team will use the latest technologies, frameworks, and approaches that merge development, security and operations to create the next generation platform for our customers that will allow them to run scalable applications in modern and dynamic environments.

The Information Security Engineer is responsible for providing technical expertise related to infrastructure and software security design, implementation, and support of a new product set for the company. You will help contribute to automation-first DevSecOps teams to increase our efficiencies, ability to scale and reduce our time to market using automation and infrastructure as code (IaC).

The Information Security Engineer will be responsible for researching and applying new tools and processes for overseeing positive security and compliance posture for our products. You will interact with traditional information security teams to ensure the company maintains standards across the software and infrastructure of various product lines.

Key Job Responsibilities

• Apply technology to automate security monitoring.
• Recommend and work within the team to deploy effective security configurations and architecture.
• Create documentation to support ongoing security systems operations, maintenance, and problem resolution.
• Provide risk analysis for product features and architecture decisions.
• Deliver technical and procedural security recommendations. Identify requirements, based on secure practices and compliance needs or resulting from security issues.
• Coordinate with traditional information security teams to share ideas and maintain company-wide security standardization.

Key Skills

• 3+ years’ experience working with information security issues affecting cloud-based application service providers and/or financial service organizations.
• Skilled in Kubernetes configuration, and application management
• Solid understanding of TCP/IP, web architectures, and technologies such as HTML, JavaScript, XML, REST, PHP, and API Gateways.
• Extensive experience in systems administration, DevSecOps processes, system hardening, and patch management strategies.
• Experience with system automation frameworks (Puppet, Terraform) and CICD pipeline (Jenkins, GitLab CI/CD).
• Security-related experience including encryption, Public Key Infrastructure (PKI), intrusion detection/prevention, firewalls, SIEM and log management/analysis.
• Understanding of common web, network and system vulnerabilities and defensive solutions.
• Bachelor’s degree in computer science, information technology or equivalent.

This is an exciting opportunity to work with a highly innovative and creative team, in a great working environment using the latest technologies, methodologies, and frameworks. A competitive salary and benefits package is on offer to the right candidate.