- Building / supporting systems providing security features such as firewalls, authentication and secrets management.
- Providing subject matter expertise on architecture, authentication and system security.
- Performing security reviews of new and existing services (IT, OT, Cloud and Software).
- Liaising / consulting internally with teams on security findings to solve vulnerabilities.
- Solving interesting and large scale back-end technical challenges that affect security.
- Monitoring application and audit logging for security anomalies.
- Automation of security anomaly detection and alerting.
- Participating in forensics of security incidents.
- Looking for opportunities to innovate and optimise our security solutions.
- Security related security certifications such as CISSP and OSCP.
- BSc or BTech majoring in Computer Science would be beneficial.
Relevant Skills / Experience:
- 4+ years’ experience in a similar position as well as with software development.
- 2 years’ experience supporting a large scale application in an operational capacity.
- Experience with the following:
- Kubernetes or other container orchestration platforms.
- DevOps on a Linux based platform.
- System administration on a Linux based platform.
- Understands the security risks and mitigations through all the OSI layers.
- Understanding of database design (MySQL, Redis, etc.).
- Familiarity with ElasticSearch.
- Ruby software development experience preferred.
- Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP.
- Implementation and management of infrastructure and service monitoring systems.
- Cloud Infrastructure as a service.
- Infrastructure automation such as Cloudformation, Ansible and Puppet.
- Network and host based security solutions like Palo Alto, Fortinet, Cisco or Cloudflare.
- Design & development of back-end software and APIs.
- Object-oriented programming using a language like Ruby (equivalent will be considered).
- Software development within the Linux / Unix environment.
- Agile development practices.
- Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
- Git version control.
PS Even if you feel you don’t have all the skills listed or if this spec isn’t what you are looking for, feel free to send your CV as we probably have other opportunities that could interest you. For a more comprehensive and updated list of opportunities that we have on offer, do visit our website – [URL Removed]
- Security Engineer
- Software Development