SustainCERT is hiring a
Security Operations Engineer

Summary

The job is for a Security Engineer at SustainCERT, a company focused on sustainability and impact accounting. The role involves implementing and managing security controls, performing penetration tests and vulnerability assessments, maintaining Microsoft 365 Security, Azure cloud security, and other security tools, contributing to compliance efforts, providing IT support, and fostering a strong security culture within the organization.

Requirements

• Bachelor’s degree (or equivalent) in Computer Science, Data Science, or a related field
• At least 4 years of professional experience in a security engineering role, ideally with a SaaS product company
• Experience with agile processes
• Personal qualities of integrity, credibility, and dedication to combatting climate change
• Strong team player
• Good communication and interpersonal skills
• Proven experience in information security roles, with a focus on security operations, pentesting, and vulnerability management
• Strong knowledge of secure SDLC, CI/CD processes, and risk management
• Experience with Microsoft 365 Security, Azure cloud security, and SIEM tools
• Familiarity with SOC2, ISO, and GDPR compliance
• Knowledge of SaaS software development processes
• Experience with IaaS and PaaS cloud environments

Responsibilities

• Support the Chief Security Architect in building, maintaining, and improving secure Software Development Life Cycle (SDLC) and Continuous Integration/Continuous Deployment (CI/CD) tools and processes
• Perform internal penetration tests and vulnerability assessments of SustainCERT's applications, platform, and infrastructure
• Coordinate external penetration testing activities with vendors and clients
• Identify, report, and maintain vulnerabilities on SustainCERT's platform, applications, and cloud infrastructure
• Manage and improve Microsoft 365 Security, Azure cloud security, security/SIEM monitoring, incident response and investigation, and maintain and improve XDR/EDR, MDM, and anti-phishing solutions
• Contribute to the development and implementation of security awareness initiatives and foster a strong security culture within the organization
• Support and contribute to compliance efforts related to SOC2, ISO, and GDPR regulations
• Provide Level 2 troubleshooting support for IT and security issues

Preferred Qualifications

Certifications such as OSCP, OSWE, CEH, CISSP, or equivalent

Benefits

• A competitive salary and benefits package
• A full-time, remote role with hybrid possibilities should you be based in the Netherlands or Luxembourg
• A friendly and driven team to be part of
• An innovative international organization at the forefront of making a change