Remote working available - ability to hire in Ireland, Serbia, Lithuania, Spain
Daon, www.daon.com, is an innovator in developing and deploying biometric authentication and identity assurance solutions worldwide. Daon has pioneered methods for securely and conveniently combining biometric and identity capabilities in multiple channels with large-scale deployments that span payments verification, digital banking, and securing borders and critical infrastructure. Daon’s solutions provide our customers with choice, making it easier and safer for people to conduct business online, travel, vote, and so much more. Daon’s IdentityX® Platform for mobile biometric authentication removes friction from the authentication process while dramatically reducing fraud to previously unattainable levels. IdentityX allows businesses to conduct transactions with any consumer at any time with total confidence. Get to know us on Twitter, Facebook and LinkedIn.
The Part You will Play – Role Summary:
As the Lead Cloud Security Engineer, you will be supporting Cloud Services Team in the development of security controls, mentoring others in technical security concepts and ensuring secure cloud practices are followed. You will play a meaningful role in maintaining the controls that enable our organization to operate expertly, cost effectively, and within compliance standards. You will also assist others in interpreting, understanding, and applying information security policies and standards to mitigate information security risks. You will develop positive partnerships and work closely with other members of the Information Security and Legal Compliance teams in a coordinated and focused manner.
Essential Functions & Role Responsibilities:
- Support cloud certification activities, system hardening, vulnerability testing, and scanning.
- Continuously evaluate Daon’s cloud security practices, help to define, standardize, and measure security-related activities, and demonstrate concrete improvements to our security posture.
- Monitor systems for security incidents and vulnerabilities. This includes developing monitoring and visibility capabilities as well as reporting on incidents, vulnerabilities and trends.
- Respond to information system security incidents, including the investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches.
Critical Success Factors - Knowledge & Experience:
- Experience in applying OWASP tools and techniques in the context of cloud hosted services including hands-on experience in performing vulnerability scanning and penetration testing
- Experience with secure configuration best practices and the hardening of critical Linux systems
- Experience with web application security and the use of technologies such as load balancers and reverse proxies
- A thorough understanding of network topologies and design regarding security best practices such as defense in depth and least privilege
- Comfortable using the Linux/UNIX command line interface
- Basic scripting abilities in Bash (Mandatory) and Python (Desirable)
- Experience of AWS and its various services (EC2, RDS, VPC, EKS, S3, Route53, KMS and IAM etc) from the perspective of security testing, audit and compliance
- A deep understanding of common network protocols and services (TLS, DNS, HTTP, SSH, SMTP)
- Experience with enforcing security best practices in containerized deployments (Ideally ECS and/or Kubernetes)
- Familiarity in SCM usage (Git preferred)
- Experience in preparing for, and participating in, external security audits such as ISO 27001, SOC 2 and HIPAA etc.
- Experience in liaising with external penetration testing and vulnerability assessment providers.
Critical Success Factors – Personal Traits & Characteristics:
- Excellent written, verbal, and interpersonal communication skills
- Problem solving skills to solve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity
Education, Training & Experience Required:
- Bachelor's degree or equivalent work experience; Advanced degree preferred.
- Five (5) years of experience with AWS, network security, and system security
- Certifications in CISSP, CISM, CEH, etc, or AWS Certified Security
- An opportunity to work in the growing world of biometric and identity management technologies.
- Competitive compensation & benefits
- Flexible working environment to create a very balanced work/life schedule for you and your family.
And much more!