Devire is an international company specializing in recruitment, outsourcing and employer branding services. For more than 30 years, we have represented leading employers on the European market, by carrying out comprehensive recruitment projects, implementing the latest solutions in the area of IT services and by supporting in building the image of the employer of choice.
Our offices are located in Warsaw, Wroclaw, Poznan, Katowice as well as Munich, Frankfurt, Prague and Hradec Kralove.
Our offices are located in Warsaw, Wroclaw, Poznan, Katowice as well as Munich, Frankfurt, Prague and Hradec Kralove.
Senior Security Engineer
Location: WarsawLocation: Warsaw, Rondo Daszynskiego
We are looking for a passionate, curious and self-driven Senior Security Engineer to help improve our overall security capabilities and work with teams across the enterprise to solve complex problems in innovative ways. The Sr. Security Engineer will help design, embed and deliver security patterns, methodologies, and solutions for the entire company.
This position will directly contribute to the overall enterprise architecture and influence the security vision and strategy around systems and applications across all cloud types (IaaS/PaaS/SaaS) and on premise and manufacturing environments.
Responsibilities:
- Breaking & Fixing - Identify security problems and build, implement, and enhance high-quality solutions.
- Advise and support developers and DevOps engineers in securely implementing new innovations.
- Research and design ways to achieve risk reduction objectives in creative ways.
- Assess and manage vulnerabilities and technological risks across all the environments.
- Act as a subject matter expert for Information Security.
- Proactively research new and emerging technologies and approaches to enhance the security posture of the company.
- Function as a technical lead and SME in various Information Security, IT, and projects as directed.
- Identify “fit for purpose” Solutions - Rather than compromise security, customer experience, or productivity, work to achieve the best of all three.
- Respond and engage in security incidents and escalations performing advanced root cause analyses and forensics to drive resolution.
Core skills:
- 5+ years of information security experience, either in an internal security engineering, security architecture or consulting role.
- Strong, well rounded background in host, network, application, cloud, and data security services. Working knowledge of host (AV, EDR, EPP etc.); networking (TCP/IP, HTTPS, WiFi, Firewalls, IPS, etc.) and application (authentication protocols, applied cryptography, key management, database security, PKI, SSL/TLS etc.) security controls and tools.
- Recent experience securing production workloads in public clouds (Azure, AWS, Google, others).
- Strong knowledge of all components of holistic security architecture and design and the ability to explain proposed solutions and recommendations to customers from different technical backgrounds.
Nice to have skills:
- Ability to code at least one scripting type language such as Python or Powershell.
- Experience designing network and OS-level monitoring systems to detect malicious activity.
- Experience managing SaaS applications security such as Salesforce, Workday and managing Azure security.
- Experience with identity and access management concepts such as SAML federation, OAUTH and MF.
- Experience with database technologies like MySQL and data schemas.
- Good understanding of RESTful designs and cloud APIs.
