Information Security Engineer

Krakow, Lesser Poland, Poland

Ocado Technology

View company page

   

Job Purpose

The main purpose of this role is to work on designated software development projects, with an emphasis onwriting robust, effective code, and developing, maintaining, deploying and supporting high-quality software systems. To take an active role in supporting business needs and meeting organisational objectives, as part of the Ocado Technology team.

 

Roles & Responsibilities

Help develop and refine the overall security architecture in Cloud (AWS, GCP, Azure) for new OSP platforms.

● Design solutions to maximize both developer productivity and security in cloud provisioning

● Work closely with software development and infrastructure teams to ensure that the overall security

objectives are met.

● Develop tools and solutions to help identify security vulnerabilities, monitor for security events or

apply security controls.

● Developing secure design patterns for cloud architectures developed in public or private cloud

environments.

● Monitor and detect insecure changes to cloud configurations

● Provide guidance to other teams regarding the impact of security issues.

● Work with Engineering and Product Owners on building processes and tools to meet with various

compliance criteria such as SOC

● Run initial key security operations functions for a Cloud Infrastructure which includes Vulnerability

Management, Security Incident Management, Security Incident Response

● Desire to constantly develop yourself via company provided learning platforms or personal training

budget

● Identify highly permissive IAM policies to enforce privilege access for specific users and services.

● manage individual project priorities, deadlines and deliverables

● Write and maintain documentation for tools and services developed in house as well as implemented using 3rd party solutions

Knowledge, Skills and Experience

Broad technical background covering one or more of operating systems, software development, private

and public cloud

● Good knowledge and/or experience in Linux, SSL, HTTP,

● Fundamental knowledge of networking (L3-L7) and network security including but not limited to

IDS/IPS, WAF, firewalls

● Knowledge of common security vulnerabilities and the technical knowledge to assess their severity

and impact.

● Good understanding of the security community, toolsets and knowledge sources

● Excellent verbal and written communication skills.

● Detail focused with a desire to provide 100% solutions and answers.

● Proactive approach, able to work on multiple parallel activities in a fast-paced environment and adapt

quickly to changing priorities.

● Able to build relationships across multiple teams with disparate skills.

● Strong verbal and written communication in English and Polish

NICE TO HAVE

● Scripting experience such as python

● 2:1 or First class degree in Computer Science or relevant experience

● Experience working with AWS or GCP

● Experience working with SOC2, PCI-DSS, ISO27001 standards

● Experience with Docker, Kubernetes

Competencies

● Technical Excellence – demonstrates intellectual rigour, possesses relevant abilities and is able to pick

up new skills quickly.

● Innovation & Problem Solving - able to solve complex problems, participates in continuous

improvement, adapts the ideas of others.

● Productivity, Drive & Achievement – proactive approach, gets things done, demonstrates

accountability and ownership, prioritising own workload.

● Business awareness – ability to apply learned skills, awareness beyond immediate area or role.

● Adaptability - working under pressure, flexible, positive and focused during times of change.

● Communication & Impact – strong verbal and written communication in English and Polish, robust interaction with internal clients.

● Teamwork – works well with others and actively contributes towards team objectives.

 

Equal Opportunity Employer

Ocado is an equal opportunities employer and as such makes every effort to ensure that all potential employees are treated fairly and equally, regardless of their sex, sexual orientation, marital status, race, colour, nationality, ethnic or national origin, religion, age, disability or union membership status.

 

Tags: AWS Azure Cloud Compliance Computer Science Docker Firewalls GCP IAM IDS Incident response IPS ISO 27001 Kubernetes Linux Network security Python Scripting SOC 2 Vulnerabilities Vulnerability management

Perks/benefits: Career development Flex hours Team events

Region: Europe
Country: Poland
Job stats:  5  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.