Sporty Group is hiring a
Information Security Engineer in Worldwide

Summary

The job is for a Security Engineer at Sporty's, a globally established and successful internet company. The role involves implementing and monitoring security measures, developing best practices, and conducting internal/external security tests. Requirements include 3+ years of experience as a Security Engineer or relevant position, basic coding skills, knowledge of web application security vulnerabilities, and hands-on experience in network and system security.

Requirements

• 3+ years' experience of working as a Security Engineer or other relevant position
• Basic coding skills such as HTML, CSS, Shell Script, Python and other languages
• In-depth knowledge of database and operating system security
• Ability to discover and identify SQLi, XSS, CSRF, SSRF, authentication and authorisation flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond)
• Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP
• Knowledge of browser-based security controls such as CSP, HSTS, XFO
• Experience with standard web application security tools (Arachni, BurpSuite)
• An understanding of best practices and how to implement them at a business-wide level
• Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering
• Hands-on experience in network security and networking technologies and with system٫ security, and network monitoring tools
• Fluency in English written and spoken

Responsibilities

• Work directly with the project teams to facilitate building secure workflows, processes, systems, and services
• Develop best practices and security standards for the organisation
• Understand software, infrastructure and internet needs and adjust them according to the business environment
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Ensure the organisation knows as much as possible, as quickly as possible about security incidents
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Find cost-effective solutions to cybersecurity problems
• Conduct the internal/external security test/audit on our service, application, and infrastructure
• Assist fellow Team Members with cybersecurity, software, hardware or infrastructure needs

Preferred Qualifications

• CyberSecurity certifications such as CISSP, CISA/CISM, CompTIA Security+, CEH, or GSEC would be beneficial
• Certifications such as PMP, ISO 27001 LA would be beneficial

Benefits

• Quarterly and flash bonuses
• We have core hours of 10am-3pm in a local timezone, but flexible hours outside of this
• Top-of-the-line equipment
• Referral bonuses
• 28 days paid annual leave
• Annual company retreat
• Highly talented, dependable co-workers in a global, multicultural organisation
• Payment via DEEL, a world class online wallet system
• Our teams are small enough for you to be impactful
• Our business is globally established and successful, offering stability and security to our Team Members