toogeza is hiring a
Security Infrastructure Engineer, Remote - Worldwide

Summary

The job description is for a Security Infrastructure Engineer position at Rockets Tech, a company that creates mobile and web solutions. The role involves safeguarding digital assets and fortifying defenses by performing various responsibilities such as event collection and analysis, security rule development, monitoring and incident response, risk analysis, etc. The requirements include specific experience, knowledge of IT infrastructure and network security principles, IAM systems, vulnerability management systems, SIEM configuration, antivirus systems, security standards, database experience, cloud solutions, external audit experience, risk and incident management methodologies, documentation skills, scripting languages, operating systems, English language proficiency, and more. The benefits include medical insurance, vacation days, sick leave without a medical certificate, education budget, personal professional training balance.

Requirements

• Experience: Minimum 3 years of experience in IT and/or information security
• Understanding of IT Infrastructure and Network Security Principles: Familiarity with the workings of IT infrastructure protection systems and network security
• IAM (Identity and Access Management) Experience: Experience with IAM systems
• Vulnerability Management Experience: Proficient in vulnerability management systems
• SIEM Configuration: Experience configuring SIEM tools (such as Open Search, Splunk, or others)
• Antivirus Systems: Familiarity with antivirus systems; experience with CrowdStrike is advantageous
• Security Policy Configuration for Google Workspace/Office 365: Ability to configure security policies for these platforms
• Tool Proficiency: Familiarity with tools like Terraform, GitLab, Prometheus, Grafana, Loki, Docker, Docker Compose, PowerBI, HaProxy, Nginx, and LEMP
• Security Standards Knowledge: Understanding of general information security management systems (such as ISO/IEC 27001 and NIST)
• Database Experience: Ability to deploy and administer databases
• Cloud Solutions: Familiarity with AWS, DigitalOcean, CloudFlare, GCP, and Kubernetes
• External Audit Experience: Experience with external audits (either undergoing or conducting them)
• Risk and Incident Management Methodologies: Understanding of risk and incident management methodologies
• Documentation Skills: Ability to write documentation (instructions, policies, guidelines)
• Scripting Languages: Familiarity with programming/scripting languages like Python, Bash/Shell scripts, SQL, and PowerShell (for automation, parsing, API work, and database tasks)
• Operating Systems: Desired experience with Windows, Linux, and MacOS
• English Language: Intermediate or higher proficiency (both written and spoken)

Responsibilities

• Event Collection and Analysis: Gather and analyze events from infrastructure components (websites, servers, databases)
• Security Rule Development and Implementation: Create and implement security rules for scenarios like fake registrations, mass registrations, and DDoS attacks
• Monitoring and Incident Response: Monitor and respond to rule triggers/incidents, refine response rules, and handle blocking actions
• Security Incident Investigation: Investigate security incidents
• Resource and Service Registry: Maintain a registry of resources and services
• Security Compliance Control: Ensure resource compliance with international security standards and apply the latest security patches
• Collaboration with Subcontractors and Security Partners: Work closely with subcontractors and partner companies on security matters
• Administration of Security Systems: Manage security systems such as MDM (Mobile Device Management), BYOD (Bring Your Own Device), SIEM (Security Information and Event Management), and CloudFlare
• Risk Analysis and Mitigation: Assess existing risks and develop compensatory actions to minimize them
• Risk Analysis for New Systems and Projects: Evaluate potential risks related to implementing new systems, services, or applications to enhance business processes

Benefits

• Medical Insurance
• Vacation: 20 business days per year
• Sick leave without medical certificate: 5 business days per year
• Education budget
• Personal professional training balance