Senior Security Engineer

The team comprises of multiple functions from Blockchain Security, Operational Security, Security Governance and Compliance and more. We drive a culture of having a growth mindset and being humble to help everyone achieve their potential. Security and Data Privacy Compliance first strategy which has been at the core of our company. The security team helped to drive us to be the first Crypto company worldwide to achieve ISO27001, ISO27701, ISO22301 and PCI:DSS 3.2.1 (Level 1) certifications. Extremely detailed third party attested by international audit firm SGS and achieved "Adaptive (Tier 4)” - the highest level possible for the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and the latest NIST Privacy Framework as well as SOC2 and many other regional certifications like the Data Protection Trust Mark.

The Senior Security Engineer will support the improvement of the company’s cloud security posture primarily through the implementation & enhancement of native security controls across the organization’s cloud environments; the enforcement of configuration hardening & security compliance through cloud security posture management; and the implementation & enhancement of container security controls. The Senior Security Engineer will also contribute to cloud security logging, detection and response initiatives.

The Senior Security Engineer will also support the company’s vulnerability and configuration management programs primarily through vulnerability lifecycle management - including advisory, scanning and reporting of vulnerabilities, and working with stakeholders to drive patching & remediation; and through the secure configuration management of the company’s workstations and servers.

**Responsibilities**:

- Implement, manage and enhance cloud security controls - native cloud security controls, CSPM, CNAPP, container security controls, etc.
- Build, maintain, tune and enhance CSPM, CNAPP and container security rules and policies.
- Work with SIEM engineering on cloud security logging and cloud security threat detection use cases.
- Work with the SOC on cloud security response procedures and to implement automated containment runbooks.
- Improve cloud security logging, detection and response processes.
- Manage and enhance the company’s vulnerability management lifecycle processes.
- Manage vulnerability and configuration scanning tools, setup vulnerability scanners, perform scheduled scans, tuning scanning profiles, etc.
- Review and triage vulnerability alerts/advisories to produce manageable reports for actionable next steps.
- Assist in the analysis and remediation of findings discovered during scheduled internal and third party vulnerability scans and penetration tests
- Prepare security patch bundles for various types of endpoints (Windows, Linux, MacOS).
- Manage and enhance the company’s baseline security configuration program for workstations and servers. This involves maintaining and developing hardening standards and working with stakeholders to implement these standards across the organization.
- Ensure the timely delivery of compliance and regulatory reporting.
- Collaborate closely with the security compliance team to acquire the compliance and regulation requirements and ensure the program fulfill their needs
- Deliver on KRIs and KCIs for vulnerability management, secure configuration management and cloud security.

**Requirements**:

- 7+ years of experience working in information security
- 5+ years of experience in cloud security or vulnerability management
- Cloud experience (AWS and Azure) in administrative management, policy management, platform management, cloud security controls management and DevOps integration is required.
- Coding, scripting, automation in GitHub and familiarity with Infrastructure as Code (IaC) in AWS/Azure will be an advantage.
- Knowledge of common security frameworks such as CIS, NIST, PCI DSS etc.
- Able to articulate how vulnerabilities translates to cyber-risks
- Experience conducting security risk assessments
- Experience of using vulnerability management tools like Tenable, Qualys, InsightVM, Tripwire CCM, etc. Familiarity with Qualys will be an advantage.
- Proficiency in a scripting language like Python, Ruby, PowerShell, or Bash is preferred.
- Information Security certifications (CISSP, SANS GIAC, Security+, etc.) a plus.
- High work ethic and sense of ownership for the delivered results.
- Excellent communication skills in English (spoken & written) and comfort communicating security risks and controls to technical and non-technical partners required.

LI-SF1

LI-MidSenior

LI-Hybrid

Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.

Transformational and proactive working environment. Elevate employees to find thoughtful and innovative solutions.

Growth from within. We help to develop new skill-sets that would impact the shaping of your perso