• Security Operations Engineer

Industry Accounting/Finance
Location Iasi
Experience Range 5 - 7 Years
Qualification BE Computer Science and Engineering (Computer Science)
Not posted

Functional Banking, Insurance & Financial Services
Job Description
About Us
We know that people are our "greatest asset". Our staff’s professionalism, innovation, teamwork and dedication to excellence have helped us become one of the world’s leading technology companies. It is these qualities that are vital to our continued success. As a Ness employee you will be working on products and platforms for some of the most innovative software companies in the world. The opportunity to evolve your expertise by using new cutting edge technologies will expand your horizons and create an exciting work environment. You’ll also gain enormous knowledge working alongside other highly skilled professionals that will help accelerate your career progression. At Ness we treat our values of rigor, innovation and partnership with the highest priority and they are placed at the very core of our business — to guide us through our daily operations and interactions with our customers. We offer our employees exciting and challenging projects across a diverse range of industries, as well as the opportunity to collaborate with a group of forward thinking, capable partners around the globe.
About Company
Confidential
Roles and Responsibility

*Open position for Ness Iasi and Ness Timisoara with the possibility to work remote


The Team:

The Security team is responsible for building, enforcing and reporting on information security maturity across products by adopting, adapting and extending Enterprise Corporate standards and tools. The products are a critical component of the global financial markets, so building and ensuring information security compliance is an extremely important function. 


The Impact:

As a Security Operations Engineer, you will be part of the Security Operations Engineering Team that is accountable for report and improve the Security state by calibrating security against set standards and practices in the division and organization. This role will practice and encourage secure by design mindset. A background of System Administration / SRE with expertise in general Infrastructure systems architecture would be ideal.


What’s in it for you:

This is a unique opportunity to work on all facets of information security. From working on infrastructure and cloud security to driving a DevSecOps mentality with a primary focus on our Application security, including both DevOps and Cloud services. This role will involve collaborating with global development and product teams with a lot of exposure to senior leadership. 

Responsibilities:

• Working with the Director of Security Operations Engineering you will be implementing and enforcing corporate security standards

• Responsible for the successful operations of all security tools and technologies and participates in or drives security reviews for new products and services.

• Partners closely with the scrum teams, DevOps leads, Product Development managers, and Product Managers to improve the operating risk posture, improve security maturity, and mitigate risks.

• Implement the best practices in Database privacy and Security, Privilege access management (for application and database) and Recertification, data redundancy and disaster Recover scenarios

• Collect and analyze available vulnerability data to identify risks, and manage remediation.

• Aggressively but realistically eliminate technical debt that leads to security vulnerabilities.

• Assist in performing risk assessments and developing remediation plans for identified risks.

• Work with Internal Audit team ensuring audit compliance of all the products.

• Documents wiki, run books, and trains others to help operationalize and automate DevSecOps.

• Works across engineering teams to prioritize flaws and with external entities to respond to security issues and concerns.

• Continuously identifies areas needing improvement, creates action plans, and executes to implement changes in a timely manner

Desired Skills

• Strong knowledge of NIST standards and the NIST Cybersecurity Framework.

• Strong knowledge in Database Security framework and implementation specifics on RDBMS platforms like SQL Server, Oracle on Linux/Windows Platforms.

• Experience with complex SaaS and Corporate IT services environments

• Expertise with administering security technology controls (firewalls, orchestration platforms, anti-malware, forensics, IAM, IDS, DLP, open-source, etc.)

• Experience with security automation and technology and process integrations with CI/CD pipelines.

• Experience with creating Analytics Dashboards with Tableau for the underlying asset data.

• Experience managing security in DevOps and SaaS environments.

• Experience with AWS and best practices for monitoring an IaaS environment

• Familiarity with operating enterprise security technologies and establishing enterprise security processes.

• Familiarity and experience with standards and compliance frameworks ISO, SANS, OWASP, NIST, SSAE SOC, ITIL, etc.

A+| A| A-