As Security Engineer on the Infrastructure Team at LotusFlare you will be responsible to drive the overall IT security standards across our cloud native DNO stack. This incorporates security policies and domain security concepts along with the implementation and the lifecycle of security technologies in LotusFlare’s infrastructure.

As Senior Security Engineer you will be reporting to the VP of Infrastructure and engage directly with infrastructure and product engineering teams.


REQUIRED SKILLS At least 5+ years of experience in a similar technical security roleExperience with ITSMS frameworks ISO27000, NIST and SOCExcellent knowledge in development and implementation of the following concepts:Network Security ConceptsLinux System Security and System HardeningData Classification and Data Security ConceptsCloud Security, particularly AWSUnderstanding of various user access controls, SSO, user profile integrity and access management controlsExperience in Server Application security concepts and security controlsExperience with intrusion detection solutions and web application firewalls/L7 proxiesPlanning and executing security audits and continuous security and threat monitoringKnowledge of privacy frameworks like GDPR and related IT controls and implementationsDevSecOps experience, implementation of security controls and familiarity with SCAP and continuous security monitoring solutionsAbility to analyze and resolve complex infrastructure resource and application deployment issuesMinimum Intermediate level of English
RESPONSIBILITIES Actively managing the security of our cloud-native runtime environmentEvolving LotusFlare’s GRC with regular senior management reporting of compliance and risk KPIsClearly and promptly communicate and negotiate security technical topics with both technical and non-technical audiencesDrive security improvements to production cloud environmentsPerform targeted offensive security testingImplement continuous monitoring systems and tools to automatically identify potential security issues at the code, application and infrastructure layersConduct security audits in cloud environmentsReview code and other production changes with the goal to maintain the security standardsDevelop documentation listing recommendations and best practices for infrastructure and organizational security standardsStay current on emerging security threats, vulnerabilities, and controls for the cloudWorking with backend engineering teams on architecting, profiling, and monitoring high-performance high availability product components as microservices, providing mission-critical real-time functionality on the control plane of mobile and fixed networksEvolving the infrastructure and keeping our stack up to date with the latest technologies
WE OFFERFlexible schedule with a possibility to work from homeYearly bonusPaid LunchesPrivate Medical InsuranceCompany covers accountant assistance expensesZUS CoverageUnlimited sick leaves21 working days of vacation, public holidaysTrainings and workshops