Information Security Engineer

Summary

Join our cybersecurity team as a Security Engineer and enhance our security posture. Implement, configure, and maintain security solutions. Provide technical security guidance to various departments. Secure internal products, third-party applications, cloud environments, and containerized workloads. Conduct security assessments, review code for vulnerabilities, and educate teams on security best practices. Effectively communicate security risks to both technical and non-technical stakeholders. Help improve our security posture and ensure compliance with industry standards.

Requirements

• Hands-on experience with security solutions such as SIEM, AV/EDR, DLP, IDS/IPS, IAM, WAF, and cloud security services (AWS, Azure, GCP)
• Knowledge of how vulnerabilities impact containers and virtualization environments
• Experience conducting security code reviews and identifying vulnerabilities in modern programming languages
• Strong understanding of cloud security principles, IAM hardening, and secure CI/CD pipeline practices
• Past experience in performing penetration tests, vulnerability assessments, and risk analysis
• Knowledge of OWASP Top 10, MITRE ATT&CK, and secure development practices
• Ability to assess third-party software and cloud services for security risks
• Experience working with cross-functional teams, including developers, IT, business, and executives and able to present complex security topics to non-technical stakeholders in a clear and concise manner
• Strong ability to document findings, write technical security guidelines, and create training materials

Responsibilities

• Assist infrastructure teams in deploying, configuring, and maintaining security solutions such as SIEM, EDR/AV, DLP, IDS/IPS, WAF, IAM, and cloud security tools
• Ensure seamless integration of security tools across the company and assess third-party integrations and vendor solutions for security risks
• Tune and optimize security monitoring solutions to reduce false positives and enhance detection capabilities
• Act as a security advisor for developers, DevOps, IT, business teams, and other stakeholders, ensuring security best practices are integrated into their workflows
• Conduct security code reviews for internal applications and third-party solutions
• Perform security assessments on virtualization environments, containers, cloud platforms, APIs, and network architectures
• Identify and mitigate vulnerabilities related to OWASP Top 10, misconfigurations, insecure integrations, and emerging threats
• Work closely with engineering teams to remediate identified security risks efficiently
• Assist in developing and delivering security awareness training for employees
• Train development and infrastructure teams on secure coding practices, security automation, and vulnerability mitigation techniques
• Stay up to date with current threats, vulnerabilities, and attack techniques
• Help the company improve its security posture and ensure compliance with industry standards (ISO 27001)
• Clearly communicate technical security findings to non-technical stakeholders, leadership, or regulatory bodies
• Document PoCs (Proof of Concepts) and security tests effectively

Preferred Qualifications

Google Professional Cloud Security Engineer, AWS Security, Azure Security, or Container Security certifications are a plus

Benefits

• Private health insurance
• Bi-Monthly company wide social and team building activities
• Hybrid & Remote work arrangements
• Flexible working hours
• Daily paid meal
• Training and Development opportunities