Security Engineer - IT

Security Engineer - IT

As a Security Engineer, you will focus on the problem of keeping our systems safe and protecting our customers while adapting to the high-speed growth of our business and our enormous scale. You will be focusing on keeping interactions on our platform as simplified as possible using advanced engineering to detect and mitigate vulnerabilities and security flaws in Xtremax’s system. The ability to perform systems security or vulnerability analysis and design is a must.

Responsibilities:

1. Develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. Develop strategies to respond to and recover from a security breach.
2. Set up, configure, and tweak security in all infrastructure systems (System, Server, Network, and Client).
3. Handle, maintain and manage various potential security threats.
4. Collaborate with other team members for security design and policy.
5. Perform system hardening and penetration testing.
6. Conduct an internal security audit.
7. Manage antivirus and malware protection.
8. Backup and restore data in our system.
9. Document all internal audit processes, such as patching, updates, server access logs, VAPT, and backup recovery processes.
10. Conduct periodic scans of networks to find any vulnerabilities and perform penetration testing to simulate attacks on the system to identify weaknesses.
11. Proactively learn, assess, and utilize new technologies and concepts with customer requirements.
12. Educate the workforce on information security through training and building awareness.

Minimum Requirements:

1. Bachelor’s Degree in Software Engineering / Computer Science / Information Technology / equivalent or relevant work experience.
2. Good knowledge of security systems and policies.
3. Experience managing sensitive and confidential data, workstation devices, patching and upgrading systems, applications, services, and other infrastructure foundational components.
4. Ability to plan, develop, and implement IT security controls that are documented and functioning properly.
5. Familiarity with system hardening and penetration testing.
6. Experience handling antivirus and malware protection.
7. Familiarity with ISO27001.
8. Familiarity with Linux and Windows OS.
9. Familiarity with cloud security services such as AWS, Azure, and GCP.
10. Able to create scripts, e.g., bash, python.
11. Willingness to learn, assess, and utilize new technologies.
12. Certification in cloud security is a plus.