Senior Cyber Security Engineer

Description

We are a product software development company. Looking for a skilled Senior Cybersecurity Engineer to join our dynamic team. As a Security Engineer, your main role encompasses the configuration and implementation of various security controls tailored for cloud environments, enhancing the maturity of security operation processes, conducting security assessments, and ensuring compliance with web application security best practices

Requirements

• 5+ years of experience as an Іnformation Security Engineer
• Experience securing AWS Cloud environments (security monitoring, network security, vulnerability management)
• Experience with various scanning tools (Nessus, Qualys, Tenable)
• Proficiency in utilizing security solutions like WAF, VPN, Firewalls, and IDS/IPS
• Understanding of authentication and authorization within web services (OAuth, OIDC, SAML, SSO, SCIM)
• Knowledge of various cyber attack types, tactics, and techniques, including detection, handling, and countermeasures (e.g., DDoS, Brute force, Injection, Phishing, Web-attacks)
• Hands-on experience with a centralized Incident Management System (e.g., SIEM, SOAR) for tracking and responding to security events

Responsibilities

• Manage the vulnerability management process, including discovering, reporting, automation, monitoring, and prioritization of remediation efforts
• Responding to and mitigating security incidents, conducting root cause analysis, and implementing corrective actions
• Development and maintain security incident management processes and procedures
• Implement and manage network security and segregation for AWS environments, including VPNs, public exposure controls, and network segmentations
• Conduct regular reviews and updates of security controls, such as IAM policies, security groups, NACLs, and other security controls to maintain an optimal security posture
• Integrate security solutions incidents into Jira, to streamline incident response
• Collaborate with cross-functional teams to integrate security best practices into development and deployment processes
• Implementing Single Sign-On (SSO) across different systems and adjusting system access control permissions
• Conducting security reviews of Platform components and cloud infrastructure

Nice to have

• Relevant security certifications (AWS, Vulnerability Scanner vendors, Network areas)
• Familiarity with cybersecurity frameworks such as ISO 27001, OWASP
• Experience working with security platforms like Tenable and Cloudflare
• Experience with Jira integrations, particularly with third-party security and management tools

Working conditions

• Remote work 10:00 - 19:00
• Planned Cybersecurity Development and periodical duty on-calls (planned 1 time per month)