As our new Senior Cyber Security Operations Officer (SCSOO), you will :
Take a lead role in planning and executing cyber security operations, maintaining security configuration management roadmap, cooperating with the leading engineers and security staff;
Build capabilities and establishing a workflow for proper security configuration of kevin. ICT infrastructure by integrating related technological solutions on-premises, on endpoints and on the cloud, and by utilizing capabilities of the solutions that are already implemented.
Apply relevant configuration and monitoring security policies, international standards, hardening guides and best practices by routine hands-on security configuration, patching monitoring, and managing access rights to the resources and systems.
Participate in drafting architectural and governance documents on ICT networks, systems and applications, drafting patching, configuration management, access rights management and configuration monitoring policies and procedures.
Monitor the health of security appliances, applications and devices, and security configuration of perimeter and border control devices (e.
g. firewalls), intrusion detection solutions.
Ensure feeding the SIEM system by proper event and incident log feeds.
Initiate and escalate reactive or preventive cyber security operations.
Actively participate in incidents handling and business continuity events, incident investigations, evidence collection and forensics;
Assess and criticise systems' security plans, network architectures, security documentation as part of a vulnerability assessment or remediation engagements;
Provide support for the teams who run penetration tests, consult software development, networking, coding and security staff by sharing expert knowledge.
What you need to be successful :
A wish to take leadership as a process owner.
Ability to organize the work-flow in assigned area, time frame and resources, and prioritize tasks.
Degree in a related field such as Software Engineering, Math, Computer Science, IT or Cyber-Security, or 10+ years of experience in the related domain.
Around of 3 years relevant hands-on working experience with firewalls, routers, networking, intrusion detection and prevention solutions, especially with the cloud-based technologies.
Ability to develop scripts for laborious tasks that are necessary for getting proper configuration of security devices and applications, parse logs and data flows in order to feed SIEM system.
Experience with the cloud solutions deployment on AWS, dynamic configuration of perimeter devices, network engineering, domain and DNS configuration, and integration of other supportive solutions like Cloud Flare, through APIs or custom based connectors.
Understanding of network probing and scanning, DDoS, abnormal activities, such as patterns coming from ransomware, worms, trojans and viruses.
Strong knowledge and understanding of current security vulnerabilities, attack vectors directed to the perimeter control devices based on-premises or in the cloud.
Knowledge of network separation and segregation, networking protocols, TCP / IP stack, systems architecture, AWS framework, operating systems, web applications firewalls, access control tools, IDS / IPS technologies, and cryptography.
Understanding of web-based exploit kits and attack methods on internet-faced solutions.
Basic to medium knowledge of penetration techniques and digital forensics.
Certification in one or more of the following, or in other comparable certifications or acknowledged courses is desirable : AWS Certified Solution Architect, AWS Advanced Networking, AWS Certified Security, GCSA, CISM, CISA, CEH, Cisco Security, Security +, CompTIA Cloud+, Certified Kubernetes Security Specialist.
What will you get in addition :
Flexible salary payments - pick if you want to get your salary weekly, monthly or twice a month.
Freedom to create, innovate, and make impactful decisions.
Freelancer s working schedule just bring us the result on time.
Choose where to work from : our offices, your home, a little cabin in the woods, the beach - you get the point - just be reachable and do your job.
Talented and committed team members - the best of their fields.
Full ownership of your tasks and decisions.
Private Health Insurance.
Full compliance with local law requirements and labour code.
kevin.’s advanced A2A (account-to-account) payment infrastructure solution was created to swiftly change costly card payments to payments linked directly from customers’ bank accounts without using any third-party providers.
kevin.’s technology scales to businesses of any size and across industries, including retail, parking, fashion, car-sharing, deliveries, insurance and many more.
kevin. focuses on mobile and POS payments where customers predominantly pay using cards currently. Its payment infrastructure is based on open banking regulated by the European PSD2 Directive which requires all banks and financial institutions in the European Economic Area to open their API for licensed third-party providers.
kevin. develops only own connections to the banks without using any third-party aggregators.
Currently, the Company supports more than 4,000 merchants in 15 markets, including Sweden, Finland, Poland, Spain, Netherlands, Baltics and Portugal, where the company has a coverage of more than 85% of bank customers.
The firm’s services will be available in 28 European Economic Area (EEA) countries by the end of 2022. kevin. has a team of more than 180 employees in 13 countries and it plans to expand its workforce to beyond 350 employees in 2022.