We are seeking a Sr. Security & Compliance Engineer to provide added value services, helping ensure our business remains highly available, flexible, and robust. An ideal candidate would be a passionate engineer who is dedicated to pursuing complicated technical security problems and coming up with robust engineering solutions.
Requirements
- Networking & Infrastructure: Excellent knowledge of TCP/IP. Comprehensive understanding of the core Linux network stack.
- Security Testing Methodologies: Expert proficiency in essential security disciplines including Network Traffic and Protocol Analysis, comprehensive Vulnerability Assessment and Scanning methodologies, network service enumeration, and hands-on Web Application Penetration Testing techniques.
- System and Infrastructure Hardening: Proven, hands-on experience in developing, implementing, and auditing standardized security baselines, robust configuration management controls, and effective patch management strategies across diverse operating system and application platforms, including critical data services.
- Security Control Systems: Deep knowledge and hands-on experience with SIEM solutions and Vulnerability Management platforms.
- Data Protection: Experienced in data encryption technologies and products.
- Development: High-quality Python/shell development experience is considered a plus.
- Knowledge of Cloud and Mobile Security Architecture.
- Experience in datacenter protection strategies.
- Security Governance: Demonstrable knowledge of common security standards and compliance frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, SOC 2). Practical experience translating technical controls into formal, auditable security policies and procedures.
- Formal Documentation: Proven ability to translate complex security testing results, audits, and posture assessments into high-quality, professional, and accessible documentation suitable for internal leadership and external client assurance reviews.
- Stakeholder Communication: Solid communication skills (both oral and written), being able to explain concepts and ideas to various types of audiences, with proven experience presenting technical security findings and strategy to both C-level executives and external clients.
Benefits
- Competitive base salary and benefits
