Sr. Information Security Engineer - DevSecOps
EastNets -
Cairo, EgyptPosted 2 years ago12Applicants for1 open position
- 2Viewed
- 0In Consideration
- 0Not Selected
Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Build and maintain an AWS and Azure cloud infrastructure architecture aligning security, compliance, performance, and resilience
- Provide expertise and best practices for implementing cloud security (internal) and product security (external)
- Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives
- Oversee the management and remediation of identified security flaws within our development platforms
- Build and maintain monitoring, auditing, and reporting frameworks that produces artifacts that support security and compliance needs
- Build and maintain a set of tools that enable developers to self-serve for most operational tasks
- Develop processes that produce artifacts that support security and compliance requirements
- Contribute to the development of colleagues within the team by preparing technical content or providing specialist support to Learning and Development for in-house training, as required.
- Participate in developing the security architecture and provide a standard for static/dynamic application testing.
- Ensuring IT-Security related systems used are appropriate, and properly maintained and administered.
- Research, evaluate, develop, and participate in implementing Security solutions to meet industry standards and best practices.
- Assist in the maintenance and development of security policies and procedures, while evaluating new and existing security technologies.
- Ensure the proper delivery of EastNets Security Consultancy Services to its customers globally.
- Assists customers in handling and addressing issues and feedbacks that require expert opinion in areas related to information security and security standards.
Job Requirements
Must Have Skills:
- Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development
- Significant knowledge of AWS systems, including EC2, IAM, CloudWatch, CloudTrail, Config, Lambda, Security Groups, VPCs, WAF, Guard Duty, Inspector, etc.
- Experience with cloud-based security management/IDS/IPS/SIEM tools, such as Splunk, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, etc.
- Programming or scripting experience with a popular modern language utilized by above tools (Java, Python, Ruby, etc.).
- Experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports
- Life-long learner - always looking to stay up to date with latest attack vectors, vulnerabilities, remediation and protection paradigms, etc.
- Self-motivated, proactive, driven individual
Desired Skills:
- Knowledge of one or more SSO methodologies (SAML, LDAP, MS AD)
- Experience in performing security vulnerability assessments, good familiarity with regulations like PCI and SOX.
- Strong interpersonal, oral, and written communication skills
- Ability to work in a fast-paced, rapidly changing, Agile, competitive environment
- Ability to work independently and in group environments
Education/Certifications:
- Bachelor’s degree or higher in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience.
- 4+ years of experience with Security Best Practices, implementing enterprise-grade security solutions.
- 3+ years of experience with AWS development and management (AWS Associate certification or higher preferred)
- 2+ years of experience writing code or scripts in a modern programming or scripting language (Java, Python, Ruby, etc.).
- One or more recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, CCSK
