Zeal Group is hiring a
Senior Security Engineer

Summary

Join a dynamic team at Zeal Group, an award-winning FinTech organisation, as a Cyber Security Engineer. Contribute to security incident investigations and tool development direction. Perform risk analysis and mitigate risks of cloud infrastructure.

Requirements

• 5+ years of relevant working experience
• Solid knowledge in cyber security
• Expert in cyber security operations processes and their tailoring towards the application domain
• In depth knowledge of Kubernetes and Helm as well as hands-on experience using them
• Experience with GCP Cloud, especially with implementation of CSPM
• Expert knowledge of Terraform, GitLab CI, Qualys
• Knowledge in modern techniques for exploiting the vulnerabilities of applications
• ITIL knowledge (change control process, change management, problem/incident management, procedures, guidelines, etc)
• Experience and skills in unix
• Strong knowledge in CI/CD
• Experience with security audits
• Knowledge of static and dynamic security scanning tools
• Ability to thrive under stressful situations
• Ability to work with several tasks at the same time
• Team player with energy and a desire to progress in a fast moving, demanding and progressive environment
• English language A2 is a must

Responsibilities

• Participation in security incident investigations
• Contribute to the management of the cyber security tools development direction and roadmap of security tools, investigate technologies, run proof of concepts and testing
• Performing continuous risk analysis and mitigate risks of cloud infrastructure
• Develop and present reports on audit findings, highlighting risks, security gaps, and non-compliance with internal policies and external regulations
• Hardening and security enhancements within cloud infrastructure GCP and K8s
• New cyber security monitoring tools research and development
• Assess security stance of cloud and on-premise deployments. Recommend and implement mitigation measures
• Support for internal documentation (standards, manuals, descriptions, etc.)
• Collaborate with application architects in questions of cyber security requirements and possible solutions
• Implementation of automated cyber security measures (rolling secrets, analysis of security audit logs, ...)
• Participation in cyber security team’s project activities
• Vendor assessment and comparison
• Continuous improvement of security events monitoring
• Develop in cooperation with other teams alerts, rules and monitoring automation solutions
• Installation support and content development (dashboards, alerting, etc) for cyber security tools
• Implementing and automating security of Kubernetes cluster (prod/dev/uat environment)

Benefits

• 21 paid days of holidays per year, with an additional 10 days for national holidays
• Training opportunities to foster professional growth and knowledge expansion
• Remote work options
• Flexible and hybrid work schedule, reflecting our commitment to work-life balance
• Participation in the company's Referral Bonus Program