DevSecOps Team Lead Offline
We are looking for Information Security Lead who will join our team and help to optimize and improve our Information Security. We are expect that you have hands-on experience in building Cyber Security for products designed by modern approaches and used Cloud Environments. Experience as a Lead is required.
Requirements:
— Experience as information security engineer from 5+ years
— Experience in managing team and relevant position 2+ years
— Operational knowledge of modern operating systems and networking (SSL, VPN, SSH, firewall, etc)
— Experience of implementing ISMS in the company from scratch
— Experience in implementing and managing event monitoring and incident response tools
— Strong understanding of cybersecurity standards and frameworks such as ISO 27001, OWASP, NIST, etc
— Practical experience of passing international certifications and audits
— Security testing of web applications, web services, mobile apps, and IT infrastructure
— Knowledge of the main types of cyber attacks, means of their implementation, detection, localization and countermeasures
— Understanding standards and best practices to secure complex modern microservice systems
— Experience with the cloud infrastructures and cloud technologies
— Experience with WAF, IDS and IPS configuration
— Experience in building disaster recovery strategies
— Ability to use at least one modern programming language
— English at the B2 level
Responsibilities:
— Responsible for dedicated security team and all internal activities including: SecOps, administration, operations governance, threat and vulnerability management, and incident response
— Improvements and implementation of ISMS
— Keep updated and implement new policies and processes
— Of privileged access management, vulnerability management, secrets management and access control
— Review and verification of securing cloud infrastructure solutions
— Dealing with SIEM and creating actionable insight
— System analysis for potential threats
— Programming/scripting languages such as Python or Bash to automate tasks enabling information security at speed and scale
— Modifying and maintaining Infrastructure as Code and using build provisioning tools such as Terraform, GItlabCI etc
— Developing, implementing and reporting upon SecOps key performance indicators
— Improving security knowledge of colleagues and stakeholders at all levels
— Formation of long-term plans for information security
Nice to have:
— AWS security toolsets
What we offer:
- A real opportunity for professional growth and self-improvement in a team of professionals
— Benefit-cafeteria for each employee
— Challenging and exciting tasks, and all the needed tools to achieve them
— 22 days of vacation, 10 sick leave, 5 days off
— Ability to focus on your work — lack of bureaucracy and micromanagement
We would be happy to see you in our team!