Security Engineer

Company Description

dxFeed is the leading provider of data services for the Capital Markets industry, sourcing and storing direct market data feeds from a variety of exchanges and market participants around the world, having built one of the most comprehensive ticker plants, in addition to offering the broadest range of data services for streaming, consolidation, storage, extraction, analytics, including index construction and maintenance for buy-side and sell-side institutions of the global financial industry.

We are looking for Security Engineer to join the team.

Job Description

We expect Security Engineer to:

• evaluate the security strategies and technical implementations
• gather system requirements, working together with application architects, systems engineers and CISO
• security operations, monitoring, threat analysis, alerting setup and investigation response
• discover security services offerings
• develop technical solutions and new security tools to help mitigate security vulnerabilities, automate repeatable tasks, prevent issues
• ensure compliance with security policies and guidelines
• ensure that the company knows as much as possible, as quickly as possible about security incidents
• organize regular security assessments on new and existing products to find potential vulnerabilities
• provide security guidance on new products, technologies and proposed architecture solutions
• take an active role in driving internal security and privacy initiatives
• communicate directly to software, hardware and cloud vendors on security and vulnerability-related topics
• choose, setup, configure and administer security products and tools
• analyse security alarms and prepare run books / escalation guidelines for on-duty teams
• respond and record results of security incidents, performa post-mortem analysis
• participate in new vendor/supplier on-boarding checks
• assess security policy, run audits
• work together with other teams to secure the Cloud and on-premise/datacenter deployments, setups and ongoing everyday processes
• implement hardening concept for network equipment / operating systems
• create automated security auditing and monitoring tools and enhancements

Qualifications

Requirements:

• experience in setup, review and analysis of security alarms
• security tools administration experience
• understanding of networking, IP addressing and Industry Security standards
• accurate and logical approach to resolving issues
• desire to learn, suggest and implement new solutions
• working on the implementation and maintenance of our security event monitoring tooling
• building our security incident management and forensics capabilities
• working with the Infrastructure team to review and manage our access controls and identity management
• running the vulnerability management tools, analysing results and applying remediations
• managing tooling to effectively detect and respond to security incidents
• evaluating the impact of current security trends, advisories, vulnerabilities
• building tooling for internal use that enable the team to operate at high speed and at scale
• performing and automating in-house network and host security testing
• managing third-party penetration tests
• acting as incident manager and running interactions with external incident response and forensics teams in the event of a major incident
• working with infrastructure teams to ensure that programmatically-driven security policies are correct
• implementing security orchestration and automation on top of existing solutions
• experience in hardening Cloud, Linux and Network concepts/approachs
• be familiar with compliance frameworks or standards (e.g. SOC2, ISO27001, GDPR)
• AWS Security Certified
• mentoring other engineers in security
• scripting/coding experience
• automation and CI/CD experience
• hands-on OS operation skills (Linux)
• good communication skills and fluent in English

Additional Information

We offer:

• flexible schedule
• work-from-home opportunity
• paid vacation on 22 days
• insurance coverage (for you and your children)
• partial reimbursement for fitness memberships
• meal vouchers provided
• snacks and beverages are ways available
• workspaces with modern equipment