Infrastructure Security Analyst

Iasi

Applications have closed

Mambu

Meet Mambu, the SaaS cloud banking platform powering financial innovators everywhere.

View company page

If you’re a customer of the largest digital bank in the EU, then you’ve probably interacted with our platform and didn't even know it! We are Mambu - SaaS FinTech Unicorn on a mission to revolutionise financial services globally. Your reward if you will join us? A (code) mark on a product used by millions of people!
We are looking for an Infrastructure Security Analyst to join our global Platform and Reliability Engineering team and ensure secure infrastructure operations, containment of infrastructure security incidents that may harm the company, and constantly improve the maturity level of Mambu’s infrastructure security.

How you support our mission

  • Ensure that infrastructure events and changes related to information security are timely reviewed
  • Quickly review infrastructure events that impact information security, like access to customer data, to be in line with internal policies 
  • Quickly review infrastructure changes that impact information security, like a change in firewall rules or introduction of a new SaaS solution or open source component, to be in line with internal policies
  • Work with Security Engineers to automate reviews where possible

  • Ensure that infrastructure security incidents are quickly contained
  • Quickly perform a first assessment on infrastructure security incidents, including reported vulnerabilities from several sources (IDS, WAF, vendors of third party dependencies, penetration tests), regarding their risk and derive next actions

  • Ensure that security aspects are well reflected in infrastructure risk assessments
  • Support security readiness assessments for new infrastructure services or after major changes
  • Support annual and ad-hoc risk assessment workshops with Infrastructure team members to identify and mitigate infrastructure related security risks for existing systems and during the design of new services
  • Monitor treatment of risks and support continuous improvement of the maturity of the infrastructure security program to reduce security related risks

  • Ensure security awareness among Infrastructure engineers (SREs)
  • Maintain information security and data privacy training program and train infrastructure engineers on information security and data privacy with respect to their infrastructure engineers function

  • Rensible for successful internal and external security audits and due diligences
  • Coordinate pentests from infrastructure perspective
  • Perform internal infrastructure security audits
  • Support maintaining the documentation of the infrastructure security in our Control register and security assurance documents
  • Coordinate table-top exercises for infrastructure team, covering scenarios like disaster recovery, data breaches, or cyber attacks
  • Attend internal and external audits and due diligence activities to demonstrate evidences of current practices related to infrastructure security

What you’re bringing to the table

  • Information Security Knowledge: Concepts of information security (confidentiality, integrity, availability, etc.) and their implementation options (encryption, identity and access management, backups, redundancy & high availability, network configuration)
  • Knowledge of modern application architecture
  • Knowledge of modern infrastructure 
  • Analytical, detail oriented and creative problem solving skills
  • Strong written and verbal communication skills in English

You’re more than your job description

  • Information security risk management incl. threat modeling
  • ISO 27001 Implementation Knowledge
  • Internal Auditor Experience
  • Data Privacy / GDPR Knowledge
  • Knowledge and experience with a programming language (e.g. Python)
We are a diverse group of Mambuvians, and we are growing fast across 30 countries and 6 continents (not enough banks on Antarctica!). Our eyes are on the future, and we believe we can achieve our mission together by working agile, harnessing the latest technology and having a positive impact for future generations by improving the environment we are in.
Mambuvians own their career growth, but we like to celebrate our successes together. We’ve got your back on your health, body and mind. Whether it’s our flexible hours or locations, or our 4-day work week over a 3 month period. You work 4 days a week, but get paid for 5! As a member of the Iasi office team, you will have access to:
Private health insuranceWellbeing: therapeutic massage, sports package, eye glasses budget, standup deskPre-paid parking ticket at Palas / Monthly bus passMonthly meal tickets Ticket gifts for: Easter and ChristmasIn the office: fruit, coffee, tea, sweets and many others;Monthly fruit delivery at home and desk acquisition for home office during the pandemicTraining & development personal budget
As part of the recruitment (or HR onboarding) process, you will be required to obtain authorized criminal background and credit screening results, and your employment is conditional upon approval of these results.
More about us:
To stay on top of the latest Fin-Tech trends and our success stories, please follow us on LinkedInFor more details regarding our global career opportunities, please visit Career Site

Tags: Agile Audits Encryption FinTech Firewalls GDPR IDS ISO 27001 Open Source Privacy Python Risk assessment Risk management SaaS Vulnerabilities

Perks/benefits: Career development Flex hours Startup environment Team events

Region: Europe
Country: Romania
Job stats:  8  0  0
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.