Security Engineer (Flip Team)

We’re always looking for the ones truly passionate about their work. If you are amongst them, you can rest assured there is a place for you in eMAG. We’ve grown very fast and are determined to keep doing so. What brought us here is our desire for continuous evolution and practical results.

More than 6000 colleagues are part of eMAG Teams . We strongly believe in people's development and therefore every year we invest more and more energy and resources to remain an organization that is constantly learning. We want to ensure that you’ll have the most talented colleagues and the proper environment to grow and achieve great results, to become what you desire on a personal and professional level. Join us, grow faster !

Security Engineer (Flip Team)

Flip is setting up the Cyber Security team which has the mission of protecting Flip's data and IT assets by employing a range of technologies and processes to prevent, detect, and manage cyber threats. In order to sustain that evolving landscape, new capabilities need to be introduced or created.

In this role, you are fully responsible for coordinating operational information security in its broadest sense, together with asset owners. Among other things, you will drive the development and implementation of processes and guidelines concerning the information security policy of the entire organization. This position will also act as a sole contributor at times but is primarily responsible for accomplish the overall vulnerability management mission.

If you understand the ever-growing number of security threats, you have the right knowledge and tools to lock them out of the ecosystem, then you can join our team and find the perfect spot to prove it.

What you’ll have to do:

• Conduct vulnerability assessments on Internet-facing systems and internal systems;
• Document technical issues identified during security assessments and incidents and write reports;
• Follow up on implementation of corrective actions from assessments and incidents;
• Evaluate new applications architecture designs, Network Security and Encryption protocols and make recommendations, coordinate tracking and execution of cybersecurity lessons learned and remediation items to closure;
• Search for the right balance between minimizing company exposure to risks and development velocity;
• Develop and maintain security policies in order to be able to proactively tackle threats;
• Collaborate with NOC, Infrastructure and Software Development teams to identify, rate and propose mitigation plan for risks associated with existing and future workflows;
• Participate in Security Assessments of networks, systems and applications.
• Align with company-wide security directives;
• Perform and participate in various security projects;
• Research technological advancements and evaluate the complex architecture of a rapidly growing infrastructure to detect potential pitfalls, recommend and implement mitigation whenever possible.
• Perform penetration testing against software applications.

What makes you a good fit:

• Have a minimum of 3 years hands-on experience in penetration testing and vulnerability assessment;
• Have strong understanding of security first principles, the security market landscape and the current technologies and approaches used to solve today’s security problems;
• Have technical knowledge in multiple security domain areas such as engineering, applications, system and network security, authentication or security protocols;
• Have knowledge of web technologies and communication methods;
• Have experience in developing, documenting and maintaining security architecture, security policies, processes, procedures and standards;
• Have experience with programming and scripting languages (Python, C, JavaScript);
• Have experience with web application testing, infrastructure testing, manual testing, code reviews;
• Independently driven, resourceful, and able to deliver results with minimal direction;
• High sense of ownership, urgency and drive.

What makes you stand out: (optional)

• Industry recognized certifications (CEH, OSCP, OSCE or other certifications);
• Knowledge of IDS/IPS solutions;
• Knowledge of SIEM solutions.

What we’ve prepared for you:

• Medical subscription: Regina Maria or Medicover, with dedicated healthcare packages for employees and preferential options for family members;
• A flexible monthly benefits budget through Benefit Edenred, offering autonomy in selecting preferred benefits.;
• Access to Bookster digital library, providing a wide range of educational and development resources;
• An accelerated learning environment through Prosus Academy, offering access to extensive learning materials and development opportunities;
• A dedicated relaxation space, designed to support well-being and informal interaction.

Curious to find out more about the next step in your career? Apply now and if your experience is relevant for the role you wish, we will give you a call for more details! Also, here you can find our confidentiality policy if you want to consult it.