Lead Security Engineer
JUMIA (Permanent), in Porto, Portugal
Porto, Portugal
há 4 dias
source : Landing.jobs

Responsibilities :

  • Build out a roadmap for the workforce training, penetration testing and company security policies.
  • Perform security reviews and risk assessments as required.
  • Recommend and implement changes to enhance systems security and prevent unauthorized access.
  • Automate tasks on managing and configuring security-related services.
  • Deliver practical awareness training of the workforce on information security standards, policies and best practices.
  • Manage security policies and procedures by reviewing and auditing security policies.
  • Help to maintain information security policies and company-wide information security controls to protect the integrity of company's assets.
  • Help monitor infrastructure compliance of legal requirements and internal policies.
  • Exercise and execute incident response plans in response to suspected security incidents.
  • Develop, augment or implement open-source and third-party controls to assist in detection, prevention and analysis of security threats.
  • Coordinate incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
  • Coach and mentor junior team members.
  • Requirements :

  • Degree in Computer Science or higher in an Information Security field.
  • Background in software development or systems administration.
  • 5 or more years in a similar position.
  • Display strong technical and thought leadership skills.
  • Good understanding of network protocols, design, and operations.
  • Working knowledge of Security principles, techniques, and technologies.
  • Knowledgeable of programming languages like Python, Go, Ruby, etc.
  • Comfortable with Web Application Firewalls, SIEM, IDS / IPS.
  • Experience with defining and enforcing hardening and other security standards.
  • Knowledge of open security testing standards and projects, including OWASP..
  • Certifications on Information Security (CISSP, CISA, OSCP, OSWE, OSCE, GPEN, GXPN, GREM, GNFA, GCFA or similar).
  • Fluency in English, both written and spoken.
  • Valued :

  • Experience with Cloud environments (AWS, Azure, GCP) is a plus.
  • Experience in Identity Management projects or Cloud Access Security Brokers is a plus.
  • Working knowledge of PCI-DSS and / or ISO 27001, policy and procedure review and document management, gap analysis, etc is a plus.
  • Good understanding of risk-assessment methodologies (OCTAVE, NIST SP 800-30) is a plus.
  • Experience in Data Privacy impact assessment (GDPR) is a plus.
  • CCP (ex-CAP) is a plus.
  • Fluency in French, both written and spoken is a plus.
  • We offer :

  • A unique experience in an entrepreneurial, yet structured environment.
  • The opportunity to become part of a highly professional and dynamic team working around the world.
  • An unparalleled personal and professional growth as our longer-term objective is to train the next generation of leaders for our future internet ventures.
  • Reportar esta oferta de trabalho
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Inscreva-se
    Meu e-mail
    Ao clicar em "Continue", autorizo a neuvoo a processar os meus dados e a enviar-me alertas de e-mail, conforme detalhado na Política de Privacidade da neuvoo . Posso retirar o meu consentimento ou cancelar a subscrição a qualquer momento.
    Continue
    Formulário de candidatura