Infrastructure Security Engineer

We're a global company with an advanced tech stack. Our company implements the full cycle, from developing trading strategies and algorithms to creating software. We pay great attention to thorough market research and the continuous development of our technological infrastructure.

Join our dynamic team of over 200+ professionals and contribute to our pursuit of precision and excellence. We are growing and looking for an Infrastructure Security Engineer to join our team.

Responsibilities

• Analyze, design and implement infrastructure protection measures (on-prem and cloud).
• Advise and implement necessary changes required to counter the attack or improvise security standards.
• Maintain and optimize infrastructure (based on Kubernetes, Docker, Terraform, Ansible).
• Automate deployment, scaling, and monitoring processes.
• Participate in projects to build secure architecture (e.g. Zero Trust, network segmentation, secrets management).
• Evaluate, architect, implement, and support security-focused tools and services.
• Develop and implement hardening policies for OS, databases, middleware and other systems.
• Conduct security assessments (servers, networks, containers, CI/CD pipelines) regularly to identify vulnerabilities and perform risk analysis.
• Participate in testing the security of the application, work to improve the secure software development lifecycle.
• Participate in threat modeling, code review and architecture review processes.
• Work with secrets management and secure access tools.
• Monitor latest web application security developments and security trends to continually improve internal processes.
• Participate in internal and external security audits. Interact with DevOps teams to integrate security into infrastructure processes.
• Supporting compliance processes (ISO 27001, SOC2/3, NIST, etc.).

Requirements

• Experience of 2 years or more in Information Security (with a focus on infrastructure).
• Knowledge of the principles of building secure systems, architectures, and network models.
• Proficiency with AWS and experience of working with cloud services (AWS) with services such as CloudFormation, EC2, S3, RDS, SQS, Autoscaling, etc.
• Experience with IaaC (Terraform, Ansible, etc.).
• Experience with Linux.
• Experience with analyzing vulnerabilities (CVEs), use tools like Nessus, Nmap, OpenVAS.
• Automation skills (in scripting languages: Bash, Python, Go).
• Knowledge of network protocols and traffic filtering principles (iptables, firewalls, security groups, etc.).
• Experience in configuring and supporting monitoring and logging.

Nice to have

• Bughunting.
• Experience in FinTech industry.
• Practical experience in administering security tools (WAF, DLP, NGFW, Antivirus, SIEM, Anti-DDOS, etc.).