IT Security Engineer - South America
Remote - Buenos Aires
Applications have closed
About us
Founded in 2015, OpenZeppelin is the premier crypto cybersecurity technology and services company, trusted by the most used DeFi and NFT projects in the world.
Our mission is to protect the open economy, safeguarding tens of billions of dollars in funds for leading crypto organizations including Aave, Coinbase, Compound, Ethereum Foundation, TheGraph and many others.
The OpenZeppelin team, spread across 30+ countries in the world, is responsible for creating the most popular Open Source Library for Smart Contract development in the world with over 15 million downloads! The expertise we've built along the years allowed us to uncover major security vulnerabilities for some of the most well known players in the market.
With the success of our products, our security audit work, and the open source educational efforts, we are setting the industry standards for secure systems of a hyper-fast-growing industry and we're looking for more folks to help us on our mission.
The IT & Security team ❤️
The IT & Security team at OpenZeppelin is responsible for the planning, execution, and delivery of the IT & Information Security Program that supports OpenZeppelin processes, technologies, products, and customers. The team manages the company’s IT and Security Operations, leads Governance Risk and Compliance initiatives, and supports Product Security activities and processes, led by the Head of IT & Security.
What you'll be doing
- Create and maintain IT and cloud security policies.
- Guide the DevOps team to implement cloud security and compliance controls.
- Partner with development teams to design, implement and enhance security best practices in the SDLC and change management processes.
- Work alongside other security team members to implement and maintain company-wide security best practices of all IT infrastructure including applications and endpoints devices.
- Support systems access provisioning and deprovisioning as well as onboarding and offboarding activities.
- Execute internal IT risk assessments and support the remediation of the findings.
- Execute third-party risk assessments.
- Assist with SOC 2 internal audits.
- Review periodically the security configurations of our systems.
- Learn new concepts, skills, and technologies to propose and implement new IT and security solutions.
- Assist with IT and security requests.
You have
- 3 to 5 years of IT security and cloud security experience.
- Experience designing and implementing IT security controls in general and in AWS cloud in particular.
- Experience with automating processes and/or security controls.
- Experience with DevOps, DevSecOps, and Agile methodologies.
- Proven experience building productive relationships with internal teams and partners.
- Curiosity and research skills to find IT and security solutions for our business needs..
- Excellent verbal and written communication skills to effectively exchange ideas and information with other teams and to provide assistance for IT and security matters.
Nice to have
- Knowledge of or exposure to common information security management frameworks, such as ISO/IEC 27001, NIST 800-53, NIST Cybersecurity Framework, CIS controls, or SOC 2 Type 2 reports and audit processes.
- Previous experience with Disaster Recovery Planning and Incident Response.
- Understanding of APIs and how to develop automation utilizing API functionality of tools and solutions.
- Previous experience managing Google Workspace environments.
- Github experience.
- Security certifications, such as CISSP, CISM, or GIAC certifications.
- Experience with cryptocurrencies or decentralized finance.
- Exposure to Blockchain / Web3 technologies and infrastructure.
Logistics
Our interview process takes place on Zoom and tends to consist of the following stages:
- Recruiter call (45 minutes)
- Hiring Manager call (45 minutes)
- Team member interview (1 hour)
- Leadership call (30 minutes)
- Paid work test
- Reference checks
Please let us know if you require any accommodations for the interview process, and we’ll do our best to provide assistance.
Benefits
- Unlimited holidays 🏝
- Fully remote: your way of working 🌎
- Paid parental leave & benefits for primary or second caregiver 💙
- Team events: onboarding tour & company retreats in different locations around the world 😎
- Work from home office equipment stipend of up to $500 USD 🪑
- Monthly allowance for wellness activities 💪
- Coworking: access to a coworking space of your choice 👩💻
- Learning: technical training; spoken language lessons in any language of your choice (using Italki) 🗣
- Working with a global team in a fast-growing industry 🚀
At OpenZeppelin, we are an equal opportunity employer and we value different perspectives. We are committed to building a diverse workforce. This includes but is not limited to gender, race, sexual orientation, religion, national origin and other characteristics that make each one of us unique. In this uniqueness, we find the most value. Come join us!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile APIs Audits Automation AWS Blockchain CISM CISSP Cloud Compliance Crypto DevOps DevSecOps Finance GIAC GitHub Governance Incident response IT infrastructure NIST NIST 800-53 Open Source Product security Risk assessment SDLC SOC SOC 2 Vulnerabilities
Perks/benefits: Career development Gear Home office stipend Parental leave Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs