Security Engineer - IT

Security Engineer - IT

As a Security Engineer, you will focus on the problem of keeping our systems safe and protecting our customers while adapting to the high-speed growth of our business and our enormous scale. You will be focusing on keeping interactions on our platform as simplified as possible using advanced engineering to detect and mitigate vulnerabilities and security flaws in Xtremax’s system. The ability to perform systems security or vulnerability analysis and design is a must.

Responsibilities:

• Develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. Develop strategies to respond to and recover from a security breach.
• Set up, configure, and tweak security in all infrastructure systems (System, Server, Network, and Client).
• Handle, maintain and manage various potential security threats.
• Collaborate with other team members for security design and policy.
• Perform system hardening and penetration testing.
• Conduct internal security audits.
• Manage antivirus and malware protection.
• Backup and restore data in our system.
• Document all internal audit processes, such as patching, updates, server access logs, VAPT, and backup recovery processes.
• Conduct periodic scans of networks to find any vulnerabilities, including penetration testing to simulate attacks on the system.
• Proactively learn, assess, and utilize new technologies and concepts based on customer requirements.
• Educate the workforce on information security through training and awareness programs.

Minimum Requirements:

• Bachelor’s Degree in Software Engineering / Computer Science / Information Technology / equivalent or relevant work experience.
• Good knowledge of security systems and policies.
• Experience managing sensitive and confidential data, workstation devices, patching, and upgrading systems, applications, services, and other foundational components.
• Ability to plan, develop, and implement IT security controls that are documented and functioning properly.
• Familiarity with system hardening and penetration testing.
• Experience handling antivirus and malware protection.
• Familiarity with ISO27001.
• Familiarity with Linux and Windows OS.
• Familiarity with cloud security services such as AWS, Azure, and GCP.
• Able to create scripts in languages such as Bash and Python.
• Willingness to learn, assess, and utilize new technologies.
• Certification in the cloud security area is a plus.