Infrastructure Security Engineer

Местоположение и тип занятости

Лимассол (Кипр)Полный рабочий день

Компания

Международная финтех-компания

Описание вакансии

О компании и команде

With over 2,000 employees of more than 88 nationalities, Exness is the place for global teamwork, incredible leadership, a learning culture, and constant development. Unlimited by time zones, Exnessians from around the world have worked seamlessly together since 2008 to provide our traders with the best possible trading experience. Today, we stand proud with over 300,000 active traders and 3 trillion USD in monthly trading volume.

Ожидания от кандидата

Your role at Exness:

You will identify existing and emerging security threats in infrastructure services and create a protected environment. Together with a team of infrastructure security engineers, you will maintain business continuity and regulatory compliance by fostering a security culture within the company. You will use your industry experience to own and drive the resolution of complex security incidents, policy questions, and technical security issues.

You will need a team player mindset and should be ready to collaborate with other departments to solve security-related issues. In this role, you will need to be passionate about keeping services safe and driven by opportunities to mitigate vulnerabilities and risks.

Our Infrastructure Security team creates and maintains the safest operating environment for our employees and customers. Our infrastructure security engineers work with Splunk, k8s, Vault, Cloud Security (AWS, GCP), and WAF, actively use DevSecOps approaches, and automate security operations (SecOps, Python/Go).

You will:

  • Work directly with the business units to facilitate risk assessment and risk management processes.
  • Maintain effective communication and coordination with Exness Technology teams in security-related areas.
  • Manage information security controls.
  • Enforce compliance with these controls and technology-related regulatory requirements.
  • Participate in internal and external audits.
  • Handle data loss and fraud prevention, making sure the staff doesn't misuse data.
  • Manage personal data protection measures (including GDPR).
  • Develop security policies and procedures.
  • Review architecture, implementing operations of IT systems from a security perspective.
  • Conduct identity and access management and ensure that only authorized people have access to restricted data and systems, maintaining the least privilege approach.
  • Carry out the management of security incidents, including investigations and forensics.
  • Process events generated by security tools: WAF, VPN, SIEMr and others.
  • Manage and develop onboarding and ongoing security education programs for employees.

What we expect from you:

  • 5 or more years of experience in information security or other IT roles
  • Ability to leverage business communication skills to inform, convince, and educate employees to enable practical information security activities and processes
  • Knowledge of most common vulnerabilities and ways of protective measures from exploiting them
  • Hands-on experience with modern information protection systems (including open-source products)
  • Background in administering Linux and Windows systems
  • Understanding of security aspects of virtualization, containerization (Docker), and cloud services (AWS)
  • Familiarity with cryptography foundations, knowledge of X509 standard, and experience with PKI administration
  • Broad-spectrum of technical knowledge in the following areas (the list is not exhaustive): Linux family, Docker, Kubernetes, vSphere, AWS, Vault, LDAP, Cisco ASA, Microsoft Windows AD, SSO
  • Capability to perform audits, both internal and external
  • Intermediate-level or higher of English

Nice to have:

  • General acquaintance with regulatory frameworks and compliance requirements associated with financial services
  • Understanding of ITSM fundamentals and project management
  • Any industry certifications
  • Security forensics experience

Условия работы

What you can expect from us:

  • Competitive and attractive compensation
  • Extensive learning opportunities, such as professional training and certifications, soft skills development, free English courses, and trading workshops
  • Flight tickets, hotel or apartment accommodation for your first month, migration support, and legal help for you and your family (if relocating)
  • Health and life insurance for employees, spouses, and children, including vaccinations, tests, mental health care, and coverage for vision and dental care
  • Generous time off, including 21 days of annual leave and paid sick leave
  • Education allowance for your children’s school and kindergarten fees
  • Access to our very own sports club with dedicated coaches, free Sanctum Club memberships for you and your spouse, corporate SUPs, jet skis, etc
  • A branded company car (if relocating) with a parking space near the office
  • Outstanding team-building experiences and Exness community gatherings

Дополнительные инструкции

Your journey after applying:

  1. First interview (up to 40 minutes)
  2. Technical interview (1 hour)
  3. Test task (optional)
  4. Final interview (1 hour)