Senior Infrastructure Security Engineer
inDrive
Other Engineering
Paphos, Cyprus · Kazakhstan
Posted on Jan 30, 2025
Senior Infrastructure Security Engineer
, Paphos · ·
We are looking for a Senior Infrastructure Security Engineer to join our team
Responsibilities
- Conducting periodic security audits of various infrastructure components, including cloud and baremetal environments, CI/CD components, authentication and authorization systems, logging infrastructure, and more
- Supporting external security audits and penetration tests and manage the remediation process for identified problems and misconfigurations
- Participation in the development of architectural solutions and services related to server infrastructure and provide security expertise in designing and implementing infrastructure services
- Developing of processes for scanning the perimeter and internal infrastructure for vulnerabilities using commercial and open source tools, support the vulnerability remediation process and assist infrastructure and development teams
- Maintaining and development of Information Security department s infrastructure, utilizing the company s technology stack, primarily AWS and Kubernetes, implement best practices in security and DevOps within the department s infrastructure
Qualifications
- Requirements Minimum of 3 years of practical experience in infrastructure security
- Experience in implementing vulnerability scanning processes for external perimeters and internal infrastructures using both commercial and open source tools
- Proficient in IaC tools such as Terraform, Terragrunt and Ansible, experience in developing custom playbooks and manifests.
- Experience in developing CICD pipelines using tools like GitHub Actions or GitLab CI, strong understanding of pipeline security and automation
- Deep understanding of Kubernetes components and operations, experience with security aspects of Kubernetes, including RBAC, Policy Engines, Network Policies, Security Contexts, and image security processes
- Strong knowledge of AWS services and cloud security best practices, experience in securing cloud based infrastructures
- Proficiency in scripting languages (e.g., Python, Bash, Golang) for automation purposes, experience developing automation scripts to enhance security operations
- Solid understanding of network security concepts and tools, experience in implementing network security measures
- Excellent verbal and written communication skills, ability to convey complex security concepts to technical and non-technical stakeholders
- Preferred Qualifications and Professional certifications such as OSCP, CKA, CKS, AWS Solutions Architect, AWS Certified Security, RHCE, RHCA, LFCS, HTB CPTS, or equivalents
- Practical experience working as a DevOps engineer, ability to manage infrastructure on AWS and Kubernetes platforms
- Experience with secret management systems like HashiCorp Vault, deep understanding of principles and best practices in secret management
- Experience in implementing monitoring systems for infrastructure, proficiency in collecting metrics and configuring alerts for availability issues
- Experience working with SIEM systems, ability to develop detection rules for Linux, AWS, GCP, and Kubernetes environments
- Experience in architectural reviews of infrastructure services, ability to enhance infrastructure designs from a security perspective
- Contributions to open source security projects and infrastructure projects. Familiarity with compliance standards like ISO 27001, PCI DSS, experience implementing controls to meet regulatory and compliance requirements
Conditions & Benefits
- Stable salary, official employment
- Health insurance
- Hybrid work mode and flexible schedule
- Relocation package offered for candidates from other regions
- Access to professional counseling services including psychological, financial, and legal support
- Discount club membership
- Diverse internal training programs
- Partially or fully paid additional training courses
- All necessary work equipment