Information Security Engineer Jr.

**About the job**

**Key activities and responsibilities**

• **Assist in Infrastructure Security Management**: Collaborate with other members of the team to implement and maintain security controls for the organization's infrastructure, including networks, servers, endpoints, mobile, and cloud environments.
• **Security Configuration and Hardening**: Participate in the configuration and hardening of infrastructure components, including firewalls, switches, servers, WiFi and endpoints, to align with industry best practices and compliance requirements.
• **Vulnerability Management**: Support the identification, assessment, and remediation of vulnerabilities across the infrastructure by conducting regular scans, prioritizing findings, and coordinating with relevant teams for resolution.
• **Incident Response Support**: Assist in incident response activities by providing analysis and investigation support during security incidents, including log analysis, evidence collection, and containment measures.
• **Automation Scripting and Infrastructure as Code**: Develop and maintain automation scripts using scripting languages to streamline routine tasks, while also designing, implementing, and managing Infrastructure as Code (IaC) templates.
• **Security Documentation and Reporting**: Contribute to the development and maintenance of security documentation, including policies, procedures, and standards. Generate regular reports on security metrics and findings management review.
• **Collaboration and Communication**: Work closely with cross-functional teams, including IT, operations, and development, to integrate security into all aspects of the infrastructure lifecycle. Communicate security risks, issues, and recommendations to stakeholders effectively.

**Required skills and aptitudes**

• **Experience in Securing Endpoints, Servers, and Infrastructures**: Demonstrated experience of at least 1 year in securing endpoints, servers, and infrastructures, with a comprehensive understanding of security protocols, cryptography, and networking principles.
• **Supporting Security Technologies**: Experience with supporting a range of security technologies, including Firewalls, WAF and VPN, to ensure the protection and integrity of organizational assets.
• **Proficiency in Programming and Scripting Languages**: Proficiency in common programming and scripting languages such as Python, PowerShell, and Bash, enabling the development of custom automation solutions and security scripts.
• **Cloud Security Experience**: Experience securing or managing public clouds such as AWS, GCP, or Azure, with a focus on implementing robust security measures tailored to cloud environments.
• **Intermediate English Proficiency**: Intermediate proficiency in spoken and written English, facilitating effective communication and collaboration in an international and multicultural work environment.

**Desired skills and aptitudes**

• **Experience in Agile Environments**: Practical experience working in an agile environment, with the ability to adapt and thrive in a fast-paced, iterative development environment.
• **Knowledge of Information Security Standards**: ISO 27001/27002, NIST 800-53, PCI DSS, CIS Critical Security Controls, etc., as well as regulations related to information security and data confidentiality (e.g., FERPA, HIPAA), and related security principles for risk identification and analysis.
• **Understanding of Current IT Risks**: Good working knowledge of current IT risks and experience implementing and/or designing security solutions to address these risks effectively.
• **Strong Communication Skills**: Strong communication skills, both written and verbal, to effectively collaborate with technical and non-technical team members, articulate security concepts and recommendations, and facilitate productive discussions.
• **Experience in Penetration Testing and Security Assessments**: Practical experience performing Penetration Testing and Security Assessments, including vulnerability identification, exploitation, and remediation recommendations.
• **Relevant Certifications**: Security, Networking and Cloud certifications are a plus, demonstrating proficiency and expertise in information security and cloud security domains.
• **Educational Background**: Bachelor's degree in computer science, systems engineering, or a related area, providing a solid foundation in technology and security principles.

LI-AC1

Remote