Senior Information Security Engineer

PriceHubble is a PropTech company, set to radically improve the understanding and transparency of real estate markets based on data-driven insights. We aggregate and analyse a wide variety of data, run big data analytics and use state-of-the art machine learning to generate stable and reliable valuations and predictive analytics for the real estate market. We are headquartered in Zürich, with offices in Berlin, Hamburg, Paris, Amsterdam, Vienna and Tokyo. We work on international markets and we are backed by world-class investors. We have a startup environment, low bureaucracy and an international team and business.

Your role

We are looking for a talented Information Security Engineer to join our team. You thrive on new challenges, possess a strong development background, and have the drive to invent. As a Senior Information Security Engineer will analyse software designs and implementations, tools and processes from a security perspective, and identify and resolve security issues. Will drive the adoption of new guidelines and technologies to keep PriceHubble safe.

The ideal candidate should have a background working in Cloud based Linux environments, and prior experience with security tools such as Cloudtrail, Threat Stack, Nessus or similar. The role will include the appropriate security analysis, defenses, and countermeasures at each phase of the software development life-cycle, resulting in robust and reliable software. There will also be responsibility for working with compliance tools, performing patching and remediation, and working with the sales and product team on security posture and assessments.

You should be able to learn quickly, work in a fast-paced, team driven environment, and have the ability to communicate well with both technical and non-technical staff.

PriceHubble has a positive, diverse, and supportive culture - we look for people who are curious, inventive, and work to be a little better every single day. In our work together we aim to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, why not say hello?

Responsibilities

• Design guidelines that help PriceHubble be more secure in its infrastructure.
• Develop orchestration and automation between security tools to react to security incidents, using Security automation and orchestration (SOAR).
• Automate processes and monitor infrastructure that helps secure the systems and services.
• Help develop security standards, preferred implementation patterns, secure common frameworks, and developer documentation and educational materials.
• Manage vulnerability and enable security integrations into the SDLC process and CI/CD pipeline.
• Assure cloud solutions and frameworks are built with consideration toward industry standard compliance requirements such as ISO 27001.
• Help protecting the End-Points by recognising the problems and identifying uncharacteristic activity.
• Implement Security improvements where needed and keep the stakeholders informed with performance reports on a regular basis.
• Carry out security audits and communicate the status of system security.
• Be a major owner of PriceHubble’s information security posture.

Requirements

• Ability to effectively work with and contribute to a close-knit team while also being a self-starter are critical to success.
• Experience securing and auditing open source technologies, automation tools and scripting or other languages.
• Deep knowledge in key security concepts such as authentication, authorisation, public/private key encryption, threat and vulnerability management, dynamic application security testing, static code analysis, role-based access control, and security by design.
• Experience with Cloud compliance, audit, and governance.
• Experience with common information security management frameworks and best practices sourced from CIS, SANS, OWASP, NIST, etc.
• Broad technology background with an understanding of security best practices relating to Kubernetes, Docker, Database, Storage and Networking.
• An understanding of SOC II, ISO27001 certifications highly desired.
• An understanding of global privacy issues and GDPR desired.

Good to have (any):

• Certification on CompTIA Cloud+
• Certificate of Cloud Security Knowledge (CCSK)
• Certified Cloud Security Professional (CCSP) by ISC2
• Google Professional Cloud Security Engineer

* We are interested in every qualified candidate who is eligible to work in the European Union but we are not able to sponsor visas.

Benefits

Join an ambitious and hungry team and enjoy the following benefits:

💰 Competitive salary because we always want to attract the best talents.

📘 Learning & Development program - We want you to feel happy, confident about improving your skills, experience level as well as your personal development success.

🏢 Very well-located offices with a great remote work policy and the possibility to work from different places.

🕓 Flexible working hours and work life balance.