Security expert (offline)

As a Swiss company, we embed our core values of quality, efficiency, and reliability into every aspect of our service delivery. Which, thanks to our network of specialists across Eastern Europe, we are able to offer at highly competitive prices.
This is because at Tacans we have an intimate understanding of business's IT needs across the business lifecycle. In fact, Tacans was born out of our founders' firsthand experience of overcoming IT needs and challenges.
Also, we provide immediate outsourcing and outstaffing solutions to businesses worldwide. Our expertise offers trusted full-cycle software services to start-ups, scale-ups, and multinationals in both the public and private space.

Fast growing company is looking for security expert in the current security team. We just on our beginning of building security, however, we have long term security plan which have to be implemented by bright team’s heads. Adequate security management and understanding of pain points are guaranteed.

Requirements:
• Understand network security protocols and techniques: secure routing, secure switching, IPS/IDS signature development and tuning, network firewalls, etc.
• Thorough understanding of the life cycle of network threats, attacks, and attack vectors;
• Solid knowledge on web application security risks and common attacks;
• Solid knowledge of IT security controls associated with firewalls, IPS/IDS, web, cryptography, network, endpoints;
• Experience working with vulnerability management solutions (e.g. Tenable, Qualys, Rapid7) and findings validation;
• Experience Utilizing SIEM software, experience analyzing, investigating, and resolving events;
• Understanding of endpoint security solutions including DLP and EDR;
• Expertise in securing one or more public cloud solutions such as AWS, GCP, and Azure;
• Solid understanding of standard TCP/IP networking and common protocols like DNS and HTTP;
• Ability to establish relationships to influence colleagues and to effectively communicate;
• Technical documentation skills to contribute to security documentation and policies.

Responsibilities:
Technical part:
• Design and maintain security architecture for entire company including various toolsets including Vulnerability Scanner, Firewalls, IPS/IDS, SIEM, MDM, Malware Protection, etc.
• Manage and maintain secure configuration of Active Directory and supportive tools.
• Incident response management and evidence collection.
• Implement and support corporate infrastructure security controls and tools.
• Manage vulnerability seeking tools and validate findings.
• Follow security best practices and suggest implementation road map for improvements

Management / policy part:
• Take partnership with project management team and support business needs of the projects.
• Develop policies and other security documentation in accordance with strategic plan.
• Design and implement information security policy education, training, and awareness programs.

Working conditions:
• Competitive salary;
• Professional, friendly and supportive environment;
• Office location near metro Kontraktova Square;
• Annual paid vacation (22 working days), 15 paid sick leaves;
• Medical insurance program.