Ver todas vagas

Information Security Engineer

Work directly with the project teams to facilitate building secure workflows, processes, systems, and services
Develop best practices and security standards for the organisation
Understand software, infrastructure and internet needs and adjust them according to the business environment
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
Ensure the organisation knows as much as possible, as quickly as possible about security incidents
Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
Find cost-effective solutions to cybersecurity problems
Conduct the internal/external security test/audit on our service, application, and infrastructure
Assist fellow Team Members with cybersecurity, software, hardware or infrastructure needs

3+ years' experience of working as a Security Engineer or other relevant position
Basic coding skills such as HTML, CSS, Shell Script, Python and other languages
In-depth knowledge of database and operating system security
Ability to discover and identify SQLi, XSS, CSRF, SSRF, authentication and authorisation flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond)
Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP
Knowledge of browser-based security controls such as CSP, HSTS, XFO
Experience with standard web application security tools (Arachni, BurpSuite)
An understanding of best practices and how to implement them at a business-wide level
Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering
Hands-on experience in network security and networking technologies and with system٫ security, and network monitoring tools
Fluency in English written and spoken