Security Engineer

Tasks

  • Automation of the search and elimination of vulnerabilities in the infrastructure and product.
  • Suggesting possible ways of operation and recommendations for their elimination.
  • Exploring new tools in the security market and implementing them to eliminate threats.

Our expectations

  • Confident knowledge of Linux and Docker.
  • Understanding the security issues of large infrastructure. Knowledge of modern attacking techniques, attack vectors of penetration into the infrastructure, and knowledge of standard solutions.
  • Knowledge of attack vectors and methods of protecting WEB applications (OWASP TOP-10), and understanding of modern WEB technologies.
  • Good knowledge of network technologies and protocols within Linux (TCP/IP, HTTP, TLS, HTTP Proxying, iptables/nftables).
  • Ability to automate your activities using Bash/Python/Go/Ansible/Terraform.
  • Understanding and ability to apply Infrastructure as Code approaches.

Will be a plus

  • Experience in conducting pentests.
  • Experience in implementing security controls using the Zero Trust approach.
  • Experience working with Service Mesh solutions.
  • Experience working with WAF/IDS/IPS type systems.
  • Experience in embedding tools for static and dynamic vulnerability analysis of applications in development processes.
  • Experience in developing web applications or experience working in the role of AppSec.
  • Knowledge of Prometheus and Grafana Loki.
  • Or the desire to develop in the above listed areas.

Additionally

  • Willingness to discuss relocation to Georgia.
  • Office-based work in Tbilisi.
  • Flexible time-off and holiday policy.