Security Engineer

Remote job

Full Time Senior-level / Expert USD 107K - 149K *
xneelo logo

xneelo

Reliable hosting with a stable network and round-the-clock support, we ensure that your website stays up, stays fast and stays supported.

View all employer listings

Apply now Apply later

Xneelo is a web hosting company of approximately 350 people, with teams in Cape Town (head office), Johannesburg, as well as Canada, Ukraine and India. We see ourselves as business enablers, stimulating the economy by helping the business mass market to interact and transact online.


Our security engineers make sure that the data of xneelo and her customers is protected. A large scale, mass-market hosting infrastructure is a complex beast requiring security automation and processes to make sure it can scale and perform securely, 24 x 7 x 365. The security team at xneelo looks to the security of the IT, OT, software and cloud infrastructure as a vital component of being trusted in hosting.  


We are passionate about frequent, iterative delivery of high-quality software and aim to build lasting solutions using Agile principles and the latest technology available. The security team at xneelo is a key part of this process.

We work together in autonomous teams that take full responsibility for their own part of the xneelo ecosystem and require an understanding of the Agile development philosophy. The security team owns some of the security related components of the ecosystem and consults with teams to ensure that systems they own are secure by design.


Locations: Remote or Cape Town, South Africa.

Timezones: UTC to UTC+3


Responsibilities

The ideal candidate will come from a software development process in order to appreciate the security pitfalls of software development and how to speak dev.

  • Build and support systems providing security features such as firewalls, authentication and secrets management

  • Provide subject matter expertise on architecture, authentication and system security

  • Performing security reviews of new and existing services (IT, OT, Cloud and Software)

  • Liaising/Consulting internally with teams on security findings to solve vulnerabilities

  • Solving interesting and large scale backend technical challenges that affects security

  • Monitor application and audit logging for security anomalies

  • Automation of security anomaly detection and alerting

  • Participate in forensics of security incidents

  • Looking for opportunities to innovate and optimize our security solutions

Requirements

The strengths and experience we’re looking for:

  • Excellent communicator, both verbal and written

  • Gets on well with people and knows how to have candid, “clear and kind” conversations

  • Fast learner who knows how to say “I messed up” and “I don’t know, please help”

  • Understands the security risks and mitigations through all the OSI layers

  • Gets the difference between “done” and “97% done” and the potentially significant costs of the latter

  • Strong networking skills

  • Excellent multi-tasking skills

  • Cool under pressure

  • No compromise attitude towards system security and stability

  • Is a servant leader

  • Self-motivation and self-management

  • Life-Long Learning


You probably have a passion for:
  • Thinking like a hacker & incident responder by diving into the security details of the software you’ve built or use

  • Keeping abreast of industry security news and developments

  • Zero trust design in networks and software

  • Multi layered security design

  • Programming, open-source Technologies and IT in general

  • Optimal systems and simple procedures

  • Agile development and a self-organizing team environment

  • Sharing ideas and innovation


Technical Requirements

  • Design & development of backend software and APIs

  • Object-oriented programming using a language like Ruby (equivalent will be considered)

  • Software development within the Linux/Unix environment

  • Software development using a containerization platform like Docker or Kubernetes

  • Agile development practices (team focus, continual improvement, automated tests, refactoring, continuous integration, pair programming

  • Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond)

  • Code quality reviews
    • Proactively identify and reduce security risks

    • Find and remove outdated and vulnerable code and code libraries

  • Git version control


Qualifications

  • BSc or BTech majoring in Computer Science will be advantageous, however, your ability to demonstrate your track record of security systems is what ultimately counts

  • A minimum of 4+ years of software development experience

  • Minimum of 2 years supporting a large scale application in an operational capacity

  • Minimum of 4+ years in a similar position


Desirable Skills and Experience

  • Security related security certifications such as CISSP and OSCP

  • Experience with Kubernetes or other container orchestration platforms

  • Understanding of database design (MySQL, Redis, etc.)

  • Familiarity with ElasticSearch

  • Experience with DevOps on a linux based platform

  • Experience with system administration on a linux based platform

  • Ruby software development experience preferred

  • Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP

  • Implementation and management of infrastructure and service monitoring systems

  • Exposure to secrets management solutions

  • Cloud Infrastructure as a service

  • Infrastructure automation such as Cloudformation, Ansible and Puppet

  • Network and host based security solutions like Palo Alto, Fortinet, Cisco or Cloudflare      


At xneelo, our sincere desire is that our team members are inspired by their success and able to operate with a high level of discretion and autonomy guided by our principles and values. We hope this appeals to you and look forward to hearing from you.


* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com

Tags: Agile Ansible Automation CISSP Cloud Cloudflare DevOps Docker Elasticsearch Forensics Kubernetes Linux Monitoring MySQL OSCP OWASP Puppet Redis Ruby SAML UNIX Vulnerabilities

Perks/benefits: Career development

Region: Remote/Anywhere
Job stats:  24  2  0
Category: Engineering Jobs
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.