Tech People Hungary Ltd. is a Technical Skills recruitment consultancy based in Budapest and Warsaw primarily sourcing professionals for ICT, Finance, Engineering and Logistics related positions. Now we are searching candidate for the following position:
Information Security Engineer (E-L01)
Our client is looking for an expert, hands-on Security Engineer to join our Internal IT team in Budapest. You will ensure that their internal applications and infrastructure are designed with the highest security standards in mind. If you enjoy analyzing system services, operating systems, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position is a fantastic opportunity.
You will work closely with
other IT professionals in Budapest and you’ll be part of an IT team with colleagues in London, Dublin and the United States, so occasional travel (10%) will be part of the gig.
Reporting to the EU IT Manager, you will be focused on taking our client Internal IT Security to the next level. Make your mark by helping to shape risk and information security governance for one of the fastest growing software companies in the world.
• Help shape security standards, procedures and guidelines for IT security controls and policies; evangelize, communicate and build consensus for adoption of policies companywide
• Provide internal security assessments of all new technology being delivered by Internal IT or acquired with partnerships with SaaS companies by participating in the lifecycle of technology projects
• Provide security assurance against cyber-attacks, which may include (but not be limited to) DOS, DDOS, data loss and other malicious cyber activities, which could negatively impact the company and/or our Customers.
• Track, document and manage all open security related problem reports and remediation within the team to the IT management and CISO.
• Research, evaluate and recommend information-security related hardware and software to maintain a strong security posture, including developing business cases for security investments
• Conduct periodic risk assessments, penetration testing and vulnerability assessments
• Develop and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment.
• Monitor periodic reports and analyze security logs for unusual events and trends.
• Provide expert level support and analysis during and after a security incident
• Participate in security investigations and compliance reviews as requested by internal or external auditors.
• Help conduct Security Awareness Training for employees at all levels
• Research and assess new threats and security alerts, and recommends remedial actions.
• Document and report on annual security reviews, residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
Technical/business knowledge, experience, and skills:
• CISSP or equivalent knowledge
• CCNP Security or similar Cisco certification(s) is an advantage
• Hands on experience with computer forensics, penetration and vulnerability testing tools, conducting internal audits, independently building systems to run security tools from the ground up
• Ethical Hacking or Security Analyst experience helpful
• Prior experience in leading or participating in Incident Response/Handling teams
• Minimum 4-5 years experience in an IT Security role focusing on system, network, infrastructure/application level vulnerability testing and auditing
• Strong familiarity with common standards for IT security and Cyber Defense
• Strong working knowledge of Microsoft Windows Active Directory, LDAP, Internet and network security technologies and protocols such as: TCP/IP, firewalls (including application firewalls), routers, switches, IDS/IPS, Anti-Virus, SIEM, Web Proxy, VPN, Linux, Encryption technologies products, etc. You should have previous hands-on experience building and supporting at least a few of these technologies.
• Strong knowledge of network security encryption methods, IPSEC, Kerberos, Authentication concepts
• Working knowledge and experience ensuring compliance with the following standards: PCI, SOX
• Excellent oral, written and interpersonal communication skills, Must be passionate about IT Security; decisive and confident: be comfortable defending a strong security posture to any level in the business
• Proven ability to work independently while being part of a team, Strong problem solving and decision making skills
• Must be focused, energetic, meet commitments, willing to take ownership, have excellent judgment and integrity
Job opportunity: employee position