IT Security Engineer

Are you already experienced in the world of security and would you like to develop yourself technically and in your career? At NVISO you have the opportunity and we look forward to getting to know you!

WHO ARE WE?

It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.

All of this is built on four fundamental values that define who we are: We are Proud, We Break Barriers, We Care and No BS!

WHAT WILL YOU DO?

The mission of the IT Security Engineering team is to keep the IT environment safe from Digital Security Threats.

It accomplishes this mission in close collaboration with the internal CERT/CSIRT team that identifies and prioritizes problems to be addressed and with local and divisional IT asset and service managers that hold operational responsibility for the assets affected by the identified problems.

As a member of the IT Security Engineering team you engineer, integrate and deploy security best practice solutions to the identified problems with a pragmatic approach. You guide IT asset and service managers and business towards a security-first posture.

As a IT Security Engineer, you will:

  • Consult with the Global CERT to help qualify problems and agree on the best practical solution possible
  • Plan and execute implementation / deployment of security solutions in consultation with asset and service managers
  • Provide input to CERT and the Digital Security Function on security problems that may not yet be visible to these functions, but that need to be addressed
  • Operate across your regional scope
  • Assess, design, implement, automate, and document security processes and solutions
  • Assist with Security Incident Response & Problem management
  • Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
  • Ensure optimal collection of digital security program quality metrics as both program performance indicators and enterprise risk indicators

REQUIREMENTS

What you will bring:

  • A willingness and ability to cooperate across cultural boundaries with expert functions and peers in IT;
  • Thought leadership in security engineering;
  • A proper mindset: can-do; collaborative; respectful; optimistic;
  • Bachelor/Masters degree in informatics/engineering or equivalent through experience;
  • 3 years or more experience in IT Security related functions (system, network, IAM, ….);
  • experience extracting pertinent security data from systems, audit, logs, … to create security reports and to comply with audit requests;
  • Passionate about cyber security;
  • You keep track of the latest vulnerabilities, network, system, application and architectural weaknesses;
  • You have a broad knowledge about IT Security in general but a detailed knowledge from at least 2 of the topics listed below:
  • Application security
    • Application & API protection
    • Web application firewalling
    • Web application security
    • Penetration testing
    • E-mail & Internet applications
  • Telecommunications & Network Security
    • Modern LAN/WAN/WLAN infrastructure
    • Firewalls
    • IDS/IPS
    • VPN & Remote Access technologies
    • Network attacks & countermeasures
  • Cryptography
    • Modern Cryptography technologies
    • PKI Infrastructure
    • Key Management
    • SSL/TLS
    • Attack methods
  • Cyber security operations
    • Security incident handling and problem management
    • Analysis and reporting of detected or reported security incidents or issues
    • Vulnerability & patch management
    • Cloud infrastructure security, preferably Azure
    • Malware analyses and malware techniques
    • Monitoring & Reporting
  • Identity management & Access Control
    • Concepts and purposes of access controls and identity management
    • IAM control services
    • IAM control attacks
    • IAM control provisioning lifecycle
    • Modern authentication & authorization protocols (e.g Oauth, SAML, OpenID, …)
  • Experience with Microsoft Operating systems and Linux
  • Knowledge of and experience with the ITIL incident, change, demand & capacity processes
  • Able to work independently but at the same time a motivated team player
  • Above average analytical skills and a drive to improve processes
  • Able to take initiative for improvement without neglecting the general concept and context
  • Very good knowledge of the English language

WHAT DO WE OFFER?

At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:

  • Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (BlackHat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical security certifications (GSE, GXPN, GREM, GCFA, OSCP, etc)
  • A very attractive training budget, with great flexibility for choosing trainings as long as they contribute to your personal development;  
  • An entrepreneurial and agile company, where you will be stimulated and supported in driving new initiatives (either through internal innovation or by improving our service offering), without losing sight of having fun!
  • Regular team-building and fun events with legendary off-site events once a year. The location of the next team building is one of the most closely guarded secrets at NVISO… We can however disclose that we’ve visited Lisbon, Dubai and Malta over the past few years
  • Flexible working hours and home office possibilities
  • Flex Reward Plan
  • 32 holidays

IF YOU'RE INTERESTED, PLEASE SEND US YOUR APPLICATION: HERE

WE'RE LOOKING FORWARD TO MEET YOU! 

Wir unterstützen Sie
NVISO
NVISO
NVISO
NVISO GmbH
Holzgraben 5
60313 Frankfurt am Main