Security Engineer - IT
As a Security Engineer, you will focus on the problem of keeping our systems safe and protecting our customers while adapting to the high-speed growth of our business and our enormous scale. You will be focusing on keeping interactions on our platform as simplified as possible using advanced engineering to detect and mitigate vulnerabilities and security flaws in Xtremax’s system. The ability to perform systems security or vulnerability analysis and design is a must.
Responsibilities:
- Develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. Develop strategies to respond to and recover from a security breach
- Set up, configure, and tweak security in all infrastructure systems (System, Server, Network, and Client)
- Handle, maintain and manage various potential security threats
- Collaborate with other team members for security design and policy
- Doing system hardening and penetration testing
- Doing an internal security audit
- Handle antivirus and malware protection
- Doing backup and restore data in our system
- Documented all internal audit processes, such as patching, update, server access log, VAPT, and backup recovery process
- Conducts periodic scans of networks to find any vulnerability. They also conduct penetration testing, in which they simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.
- Proactive learning, assess and utilize new technologies and concepts with customer requirements
- Responsibility for educating the workforce on information security through training and building awareness
- Bachelor’s Degree in Software Engineering / Computer Science / Information Technology / equivalent or relevant work experience.
- Having good knowledge about security systems and policy
- Good at managing sensitive and confidential data, workstation devices, patching and upgrading systems, applications, services, and other infrastructure foundational components.
- Good at planning, developing, and implementing IT security controls that are documented and working properly.
- Familiar with system hardening and penetration testing
- Experience handling antivirus and malware protection
- Familiar with ISO27001
- Familiar with Linux and Windows OS
- Familiar with cloud security services such as AWS, Azure, and GCP
- Able to create some script, i.e., bash, python
- Love to learn, assess, and utilize new technologies
- Having certification in cloud security area is a plus