Senior Cybersecurity Engineer
The Senior Cybersecurity Engineer will be responsible for implementing processes and policies across the organization to ensure that systems are protected from security threats.
Conducting security assessments, penetration testing, and auditing of systems. Run vulnerability scanning tools.
Implementing and installing solutions to monitor networks and servers employing various security solutions for centralized logging, intrusion detection, anti-malware, EDR, etc.
Assisting with the installation and configuration of network security architectures, including firewalls, Demilitarized Zones (DMZ), routers, VPNs, proxies, content-filters, etc.
Performing risk assessment and business continuity planning to ensure that business-critical systems can be recovered in case of an IT system failure, disaster, or attack.
Identifying threats and develop suitable defense measures.
Drafting cybersecurity white papers, collaborating with the technical writer team.
Managing and lead security incident response efforts.
Providing security awareness training for employees.
Proposing security improvements and corrective actions.
Working with product management and developer teams to ensure that our products are secure.
Designing and implementing access-control, single-sign-on, and appropriate identity and access management systems.
Working with the DevOps and Web developer teams to ensure that internet-facing services (e.g., website, support ticketing system) are secure and resilient.
Collaborating with the DevOps team in creating a secure software development process and CI/CD pipeline that is resilient against a supply-chain attack.
Get our products certified with vendors and security standards. Work with third-party security assessment companies to execute vulnerability scanning, source code analysis, or penetration testing.
Assist with achieving compliance with certain information security standards (e.g., ISO 27000) by creating a set of documents, developing the implementation plan, coordinating the efforts related to data protection, and preparing for an external audit.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
Some experience with scripting languages: Python, shell, Perl.
Experience with log management tools and SIEM products.
Good understanding of cryptography, SSL/TLS, PKI.
Hands-on experience with security tools such as vulnerability scanners, firewalls, intrusion detection systems, spam filters, anti-malware tools.
Network protocols, firewalls.
Cloud platforms (AWS, Azure, GCP).
Operating systems (Linux, Windows, Mac).
CISA, CISSP, CEH, or similar certification.
Bachelor's degree in information technology or similar.
Customer-oriented, service provider attitude, polite, diplomatic, patient, quick learner, eager to jump on and understand new technologies.
Competencies for remote work: self-governance, autonomy (motivation and proactiveness), strong time management, intercultural communication, collaboration, adoption of remote communication tools, discipline, reliability, self-motivation, self-advocacy, and flexibility.
Language: Fluent English skills (oral and written)
IT knowledge: advanced level of MS Office knowledge, remote communication tools.