Skip to content Skip to menu Skip to footer
Beschreibung des Stellenangebots

Our client is looking for an Information Security Engineer. Responsible for providing technical expertise related to infrastructure and software security design, implementation, and support of a new product set for the company.

 

RESPONSIBILITIES

Provide analytical and technical security recommendations to other team members, oversight boards, and clients.

Perform network penetration, web application testing, source code reviews, threat analysis, wireless network assessments, and social engineering assessments.

Identify requirements, based on needs or resulting from a security issue that puts the organization’s systems at risk.

Meet with clients and management to help specify and negotiate application security requirements

Liaise with the Enterprise Architect, Network Engineering, and Enterprise Management Teams to effectively communicate and architect security solutions.

Recommend effective security configurations and architecture to active members in technical workgroups.

Develop documentation to support ongoing security systems operations, maintenance, and specific problem resolution.

Provide risk analysis for product features and architecture decisions.

 

REQUIREMENTS

3+ years’ experience working with information security

Bachelor’s degree in information security or Similar

Ability to communicate with and understand the needs of non-technical internal and external clients.

Expertise in TCP/IP, web architectures, and technologies such as HTML, JavaScript, XML, REST, PHP, and API Gateway.

Extensive experience in systems administration, security DevOps processes, system hardening, and patch management strategies.

Experience with system automation frameworks (Puppet, Terraform) and CICD pipeline (Jenkins, GitLab CI/CD).

Cloud-native technologies, key management solutions, and networking strategies.

Specific security-related experience including data-at-rest encryption, certificate validation, IDS/IPS, firewalls, SIEM and log management, Syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessments including cross-site scripting, SQL injection, cross-site request forgery, HTTP response splintering, the OWASP Top 10, and SANS Top 25.

 

Possess at least one of the following professional designations (or one of similar stature):

Certified Information Systems Security Professional (CISSP).

Certified Information Security Manager (CISM).

Certified Information System Auditor (CISA).

Certified Information Security Manager (CISM).

Certified in the Governance of Enterprise Information Technology (CGEIT)

Angaben zur Stelle
Work experience:
Work experience is not required
Gehaltsspanne:
Not provided
Date of expiry:

Über das Unternehmen

SpotOn Connections offers international recruitment solutions and career consultancy for all industries across Europe. We deliver a premium service at all stages of the recruitment process, taking the time to get to know our clients and candidates on a personal level so that we can make the perfect match. Our network of consultants come from a recruitment background, with particular… Erfahren Sie mehr