Security Engineer
Porto, Portugal
Devexperts
Devexperts provides financial software and services for brokerages, exchanges and wealth management firms in equity, options, futures and Forex markets.Company Description
dxFeed is the leading provider of data services for the Capital Markets industry, sourcing and storing direct market data feeds from a variety of exchanges and market participants around the world, having built one of the most comprehensive ticker plants, in addition to offering the broadest range of data services for streaming, consolidation, storage, extraction, analytics, including index construction and maintenance for buy-side and sell-side institutions of the global financial industry.
We are looking for Security Engineer to join the team.
Job Description
We expect Security Engineer to:
- evaluate the security strategies and technical implementations
- gather system requirements, working together with application architects, systems engineers and CISO
- security operations, monitoring, threat analysis, alerting setup and investigation response
- discover security services offerings
- develop technical solutions and new security tools to help mitigate security vulnerabilities, automate repeatable tasks, prevent issues
- ensure compliance with security policies and guidelines
- ensure that the company knows as much as possible, as quickly as possible about security incidents
- organize regular security assessments on new and existing products to find potential vulnerabilities
- provide security guidance on new products, technologies and proposed architecture solutions
- take an active role in driving internal security and privacy initiatives
- communicate directly to software, hardware and cloud vendors on security and vulnerability-related topics
- choose, setup, configure and administer security products and tools
- analyse security alarms and prepare run books / escalation guidelines for on-duty teams
- respond and record results of security incidents, performa post-mortem analysis
- participate in new vendor/supplier on-boarding checks
- assess security policy, run audits
- work together with other teams to secure the Cloud and on-premise/datacenter deployments, setups and ongoing everyday processes
- implement hardening concept for network equipment / operating systems
- create automated security auditing and monitoring tools and enhancements
Qualifications
Requirements:
- experience in setup, review and analysis of security alarms
- security tools administration experience
- understanding of networking, IP addressing and Industry Security standards
- accurate and logical approach to resolving issues
- desire to learn, suggest and implement new solutions
- working on the implementation and maintenance of our security event monitoring tooling
- building our security incident management and forensics capabilities
- working with the Infrastructure team to review and manage our access controls and identity management
- running the vulnerability management tools, analysing results and applying remediations
- managing tooling to effectively detect and respond to security incidents
- evaluating the impact of current security trends, advisories, vulnerabilities
- building tooling for internal use that enable the team to operate at high speed and at scale
- performing and automating in-house network and host security testing
- managing third-party penetration tests
- acting as incident manager and running interactions with external incident response and forensics teams in the event of a major incident
- working with infrastructure teams to ensure that programmatically-driven security policies are correct
- implementing security orchestration and automation on top of existing solutions
- experience in hardening Cloud, Linux and Network concepts/approachs
- be familiar with compliance frameworks or standards (e.g. SOC2, ISO27001, GDPR)
- AWS Security Certified
- mentoring other engineers in security
- scripting/coding experience
- automation and CI/CD experience
- hands-on OS operation skills (Linux)
- good communication skills and fluent in English
Additional Information
We offer:
- flexible schedule
- work-from-home opportunity
- paid vacation on 22 days
- insurance coverage (for you and your children)
- partial reimbursement for fitness memberships
- meal vouchers provided
- snacks and beverages are ways available
- workspaces with modern equipment
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Audits Automation AWS CI/CD CISO Cloud Compliance Forensics GDPR Incident response ISO 27001 Linux Monitoring Privacy Scripting Security assessment SOC 2 Vulnerabilities Vulnerability management
Perks/benefits: Fitness / gym Flex hours Flex vacation Snacks / Drinks
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs