Senior Security Engineer

Are you ready for a life and career defining personal & professional challenge?

"Empowering people to live their passions’

Aaqua is a refreshingly new social experience built around people, purpose and passions.

We bring like-minded people, fans, icons, creators and brands together in communities - blending epic original ~content, ~initiatives and epic physical events - centred around M.A.G.I.C.

(M.usic, A.rts & Entertainment, G.ames, I.nterests and C.ommunity).

Our philosophy is to empower people to live their passions in a safe place, with relevant engagement, genuine transparency and a democratised value system.

Your passion and enthusiasm about building secure software and infrastructure will guide us to become a team where delivering a secure solution is a given, while keeping an eye on minimal overhead. You provide transparency in the way we handle security to provide trust to our members and partners.

•Work closely with the engineering, SRE and infrastructure teams to build a highly secure service, by mentoring the engineers, providing education, supporting them during implementations and issue resolution, defining security standards, introducing the necessary tooling, … •Help further grow a DevSecOps culture embed Security into our Development process (automation and CI/CD). •Mature our cloud security and SAST/DAST offering. •Provide threat modelling support. •Improve how we deal with vulnerabilities across our codebase and applications. •Put the necessary security controls (like code scanning, dynamic security testing, infrastructure tooling, …) in place to ensure standards are followed and potential issues are found on time •Put the necessary monitoring and tracing in place to detect, identify and track attacks against our systems •Respond quickly and effectively to security incidents and potential breaches as well as providing post-event analysis •Be the security voice in risk management activities, facilitate internal audits and provide evidence during external security audits •Identify security design gaps in existing and upcoming features and designs •Execute security assessments and design controls used for the technologies used by the team-members •Overall, you will have an enormous influence on the way we approach security, which will be a crucial aspect of our service. •You’ll be part of an international team brought together by a culture of technical excellence, grit, integrity and open communication. You’ll find our compensation and rewards highly competitive and better yet, expect an agile and flat structure, dynamic growth opportunities, flexibility, and a lot of room for innovation and technologic advancements.

Requirements

Ideally your career journey to date will have given you experience in or exposure to the following :

•You have a minimum of 5 years’ experience in the software development industry as a security engineer •You have experience securing cloud environments, including hands-on experience with Amazon Web Services and a very good understanding of AWS security tooling (IAM, Cognito, GuardDuty, WAF) •You have clear knowledge and hands-on experience in cloud infrastructure (e.g. Docker, Kubernetes, Terraform, ) and the security challenges they come with. •You have solid expertise across modern application security best practice and OWASP top 10 •You have a strong background in backend engineering (e.g. Java, Python, event-driven Microservices,...) •You have a good understanding of modern web and mobile technologies (e.g. React Native, OAuth, OpenID, GraphQL) •You have a good understanding of application security testing tools (SAST, DAST, SCA, etc.) •You have deep knowledge of Linux, shell scripting and automation •You value privacy and have a high ethical standard •You have an open and entrepreneurial mindset •You maintain a high-quality standard, but can strike a balance between quality, flexibility and timely delivery, without compromising on security.