Security Operation Engineer

Advertised Category: 
DevOps
Information Security
Category Description: 
Information Technology\IT Security
Level: 
Permanent
Country: 
Slovakia
City: 
Bratislava
Keywords: 
IT security
IAM
Cryptography
CD/CI
Salary: 
The minimum gross monthly base salary for this role is 2000 EUR/m for full time. The final offer to you will be set up fairly, considering the skills and experience that you bring. You can look forward to extra rewards and benefits including an attractive

About the Client

Our client is a risk tech start-up within one of the world’s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer. We anticipate and manage a wide variety of risks, from natural catastrophes and climate change to cybercrime.

Our client provides digital, bespoke and transparent LH and PC protection products in a B2B2C manner. Founded in 2014, we're transforming the way consumers buy insurance with a unique digital insurance engine which incorporates the latest technology with world-class underwriting capabilities. We build strong partnerships to sell insurance via trusted brands.

Our client offers a flexible working environment where curious and adaptable people thrive. Are you interested in joining us?

About the Role

Our client's IT Cloud Development and Operation team is responsible for architecture, build, test and operation of AWS infrastructure and Kubernetes platform. We are responsible for building and maintaining secured, reliable and resilient infrastructure that enables us to provide best possible quality of service to our distribution partners.
We are also providing support to various teams with matters related to IT infrastructure and related services. You would be part of the group located in Bratislava, while also cooperating with the groups in different countries around Europe.
Technologies and tools, infra squad is using:
AWS and its services, Terraform, Ansible, GitLab, Docker, Kafka, PostgreSQL, MySQL, Linux, Python, Bash, Java, Node Js and more!

Responsibilities

•    Work on ever evolving security framework and AWS cloud infrastructure architecture.
•    Manage development of new and existing security service components into service models for CI/CD provisioning.
•    Accountable for verifying security posture of infrastructure to meet appropriate compliance and governance requirements
•    Contribute to the design, implementation, and execution of security review and test methodologies for the recurring and holistic testing of a critical group of AWS infrastructure services.
•    Ensure remediation of risks by partnering with our client's CISO and with other squad infra teams.
•    Perform design review, threat modeling, security review, penetration testing, and red teaming on production systems for AWS infrastructure. 
•    Scope and perform penetration testing vulnerability research of our client's AWS solutions. 
•    Work closely with the internal teams as well with AWS Security teams to develop large scale, cutting edge, testing, monitoring, remediation, and analytics solutions.
•    Work closely with other internal development teams to create comprehensive security tooling and functional improvements at scale.
•    Demonstrate exceptional judgment, integrity, business acumen, and communication skills.
•    Prepare and present detailed, written technical information for internal and external audiences.
•    Participate in architecture decisions and provide design guidance for current and future projects related to our cloud infrastructure.

Requirements

 Passionate about internet security issues and the threat landscape for popular software services with the ability and desire to root-cause, mitigate, and explore deeper.
•    Domain expertise in at least 2 of: security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, cryptography, and software development security.
•    A data-driven and quantitative mentality--you excel in supporting ideas with available evidence.
•    Experience with the design and implementation of technical security controls at the business division level.
•    Experience performing or supporting Red Team engagements with an understanding of a holistic assessment
•    Experience with AWS or similar enterprise cloud computing platforms.
•    Experience with full-stack (Linux / Unix) software architectures from UI to infrastructure.
•    Experience with serverless architectures, and common virtualization techniques (hypervisors/containers/jails) and escapes/exploits from these environments.
•    Experience with micro-service, API-based agent, or service oriented software architectures.
•    Operations experience with CI/CD development or managing distributed systems
•    Web service assessment experience with authentication controls, session management, access controls, logic flaws, injection vulnerabilities, request smuggling, cloud privilege escalation, DOS attacks
•    3+ years' experience in software security.
•    Bachelors' degree in Computer Science or similar field or equivalent work experience.
•    1+ years of proficiency in at least 1 scripting programming language, familiarity with Java, and familiarity with Python

Nice to Have Skills

Participation in Bug Bounty programs

How to apply
In case of your interest to apply for this position, please, send us your curriculum vitae in English language on boris.medved@sourcefirstinternational.com .
Mission statement

Our mission is to offer variety of matching jobs to qualified candidates and fulfil our client recruitment and project needs. We have decided to operate and source in Eastern European countries.

Contact us

Klariská 14, 811 03 Bratislava, Slovakia
Lidická 700/19, 602 00 Brno, Czech Republic

www.sourcefirstinternational.com jobs@sourcefirstinternational.com Phone: +421 903 427089
Copyright 2018 © All Rights Reserved