IT-security engineer

For one of our clients within the banking sector we are looking for an experience security engineer.

Experience & Qualifications;

• Technical knowledge, expertise and experience in areas within the IT Security domain with at least 6-8 years of progressive experience
• Proven experience and competence of working with Security technologies on the Amazon Web Services (AWS) platform with large scale implementation, operation and lifecycle management from the banking/financial sector
• Fundamentals of automatization of Security in an agile working methodology
• Working with an international and multi-cultural organization with outsourcing partners
• Recognized certification within the IT Security domain and AWS is preferred

Professional Skills:

Extensive knowledge of working with Security Technologies & Processes in any of the following Security domains on Amazon Web Services (AWS) as a platform is required: 

• Systems Administration: Assuring secure administrative channels incorporating capabilities such as Bastion Hosts, Separation of Administration from Services, Multifactor Authentication for System Administrators and Administrator Audit Trails. 
• Network Security: High knowledge of implementing & maintaining Network Zoning, Firewall & Firewall Management, IDS / IPS, NACL and Security Groups.
• Application Security: Implementing and maintaining capabilities such as Web Application Firewall (WAF) and API Security Gateways. High knowledge of Security in a Software Development Lifecycle (SDLC) with implementations in an agile working methodology and CI/CD pipelines. General Knowledge of Secure Coding and the OWASP Framework with experience on Security testing capabilities such as Static & Dynamic Application Security Testing (SAST/DAST).
• Endpoint, Server & Device Security: Working with System Hardening and "Gold Code" Software Images covering a system stack incorporating EC2 and Containers. Bringing Security into the automation concepts of Infrastructure as Code. Experience on working with Endpoint Security capabilities, Computer Security & Logging Policies in such a system stack.
• Identity, Authentication & Access Management: Experience involving capabilities such as; Identity Lifecycle Management, Segregation of Duties, Multi-Factor Authentication and Role Based Access Control. Knowledge of Federated Identities & protocols such as Oauth2, OpenID and SAML to implement & operate authentication and authorization concepts in applications & systems.
• Data Protection & Cryptography: High knowledge on Transport Layer Security (TLS), Public Key Infrastructure (PKI), Key Lifecycle Management and Data Encryption, Anonymization & Tokenization.
• Monitoring, Vulnerability & Patch Management: Knowledge on Monitoring, Vulnerability Scanning and Patch Management & Deployment.
• High Availability & Disaster Recovery: Experience on incorporating capabilities such as; Clustering, Load Balancing, Data Mirroring & Replication Disaster Recovery Planning (DRP) and Backups & Backup Management.

Technology Skills

Knowledge in any of the below listed technologies are required;

• AWS Key Management Service
• AWS Secrets Manager
• AWS Certificates Manager
• AWS Config
• AWS IAM/Cognito
• AWS Cloud Trail
• AWS Cloud Watch
• AWS Cloud Front
• AWS Shield
• AWS Workspace
• AWS S3
• AWS Trusted Advisor
• AWS Inspector
• AWS GuardDuty
• AWS Firewall Manager
• AWS Transit Gateway
• AWS API Gateway
• AWS Systems Manager
• AWS Security Hub
• AWS Macie
• AWS Application Load Balancer
• VPC, NACL & Security Groups
• Curity Identity Server
• SAST/DAST involving SonarQube, Tennable and Burpsuite

Trend Micro EPS/Deep Security

Additional Skills: 

• Organized and structured
• Ability to work in a team and also across multiple teams
• Have excellent communication and presentation skills
• Fluent in English, spoken and written