Security Engineer

Дата:13 Ноября
Квалификация:Security Log Management tools (syslog-ng, rsyslog, logstash, graylog, etc.)
2+ years of experience as a Security Systems Engineer dealing with security of network and information technology;
Good understanding of computer networks (VLAN, IP addressing, security zones of trust, etc.)
Experience with IDS/IPS solutions (Palo Alto, Snort)
Vulnerability Scanners (OpenVAS); Malware and Endpoint Protection tools
Basic scripting skills (Python, Perl, Bash, etc.)
Experience in providing information security for corporate network;
General knowledge of IT security audit techniques; Experience designing secure networks, systems and application architectures
Experience planning, researching and developing security policies, standards and procedures Thorough understanding of the latest security principles, techniques, and protocols Problem solving skills and ability to work under pressure Professional security certification would be an asset.
English - intermediate
Задачи:Development and management of corporate network perimeter firewalls and security modules like IPS, URL Filtering, etc.;
Conduct periodic scans of networks to find any vulnerability, also conduct penetration testing, in which simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party;
Handle security vulnerabilities and risks in the IT environment;
Handle security incidents as reported by individuals or automated systems; Monitoring of system logs and events to identify possible issue and prevent them
Evaluate surrounding security aspects of the development process such as CI/CD processes, secret management, monitoring for security events in production, container security;
Support application security domain during audits and regulations (ISO27001, PCI, GDPR, etc).
Installation and successfully management of security products and technologies;
Analyze and respond to previously undisclosed software and hardware vulnerabilities;
Participate in the creation of policies, standards, and procedures where appropriate;
Research and suggest solutions and new tools to solve security problems in new topics;
Process security-related requests;