Kubernetes Security Engineer

  • Full-time

Company Description

Arηs is a fully independent group of companies specialized in managing complex IT projects and systems for large organisations, focusing on state-of-the-art software development, business intelligence and infrastructure services.

We are composed of 13 entities across 6 countries that are unified by the Arηs Group, with more than 1750 consultants.

This corporate structure enables us to respond quickly to market changes and customer requests, and to communicate and make decisions without layers of bureaucracy.

Our success can be attributed to the synergy among our nine complementary entities, combined with our methodologies, which are based on the Rational Unified Process (RUP) and the Scrum agile software development framework.

Established in 2016, the Greek entity Arηs Developments Hellas aims to extend Arηs Group activities dedicated to the European market providing high-quality services in Software Development, covering the entire application development lifecycle: starting with user requirements, business process redesign and specifications, to continue with development, testing and application maintenance.

Job Description

We are currently looking for a Kubernetes Security Engineer to join one of the biggest European organizations in Hague, Netherlands.

Tasks:

  • Installation, configuration, maintenance and upgrades of cyber security solutions and components, with a specific focus on cloud native technologies (containers based on Docker/Kubernetes, etc.)
  • Monitor managed components and manage incidents and problems
  • Perform day-to-day system management with regards to cloud native security components, on premises as well as on public cloud deployments (AWS and Azure Cloud)
  • Harden system and network components
  • Develop,  maintain  and  roll-out  reference  configurations 
  • Implement and follow security policies
  • Develop   and   maintain   system   inventory/CMDB,   system   documentation, operating procedures for all the work performed
  • Report on service performances and availability, produce dashboards
  • Design, develop, install, configure, test, monitor, maintain, troubleshoot and upgrade cyber security infrastructure with a specific focus on cloud native technologies (containers based on Docker/Kubernetes, etc.)
  • Provide expertise, guidance, recommendations and documented security configurations for implementation of security tools and processes
  • Produce detailed engineering specifications
  • Evaluate and recommend secure configurations
  • Identify   security   requirements,   based   upon   need   or   translate   high-level   security requirements into detailed technical requirements
  • Support various technical and non-technical stakeholders to specify and negotiate security requirement
  • Interact  with  network  and  system  engineering  teams  to  effectively  communicate  and develop security solutions
  • Drafts documentation and standard operational procedures to support security systems operations
  • Ensures the technical design and contributes to implementation of new components and/or enhancements in coordination with other team members in particular project managers, security architects and engineers.
  • Support data integrity assurance work is completed through appropriate back-ups methods to ensure RTO are met
  • Support security monitoring use-case engineering
  • Security events collection technical design. Integration of log sources into a SIEM solution.
  • Elaboration and translation of the security monitoring policy into monitoring rules
  • Investigate, diagnose and solve system related problems with regards to security services and infrastructure, on-premises as well as on public cloud deployments
  • Diagnose  and  solve  problems  and  faults  occurring  in  the  operation  of  cyber  security components
  • Comply with organization procedures to ensure integrity of the system
  • Recommend resolutions and improvements
  • Provide consolidate findings on components or processes
  • Document cyber defence components configurations
  • Ensure  that  communication  performance,  recovery,  and  security  needs  meet  agreed service agreement standards
  • Contribute to define network design policies, philosophies and criteria
  • Craft,  finetune  and  validate  low  level  intrusion  detection  rules  for  network  and  host protection
  • Development, test and roll-out new releases of Identity and Access Management solutions 
  • Certification: Certified Kubernetes Security Specialist, Azure Security Engineer Associate (AZ-500), GSEC (GIAC Certified Security Essentials), GCUX (GIAC Certified UNIX Security Administrator), Linux Foundation Certified System Administrator (LFCS), CCSP, CCSK or similar

 

Qualifications

Mandatory:

  • Bachelor plus minimum of  6 years of experience in security and system engineering
  • A minimum of 2 years of experience in network and system security administration
  • A minimum of 2 years of experience in Kubernetes/cloud native security engineering
  • Ability to write comprehensive documentation 
  • Knowledge of authentication, authorisation and accounting (IAM, Federation, RBAC, service accounts) for on-premises and public cloud deployments
  • Knowledge of container security for on-premises and public cloud deployments
  • Administration and task automation using scripting and/or programming languages (e.g. Python, PowerShell, Perl, Java) for on-premises and public cloud deployments
  • Working knowledge of English (level to be specified: B2  or higher)
  • Certification: Certified Kubernetes Security Specialist, Azure Security Engineer Associate (AZ-500), GSEC (GIAC Certified Security Essentials), GCUX (GIAC Certified UNIX Security Administrator), Linux Foundation Certified System Administrator (LFCS), CCSP, CCSK or similar

Desirable:  

  • A minimum of 2 years of experience in Kubernetes/cloud native security testing
  • Knowledge of Network Protocols for on-premises and public cloud deployments 
  • Knowledge of Security protocols for on-premises and public cloud deployments
  • Knowledge of Cryptographic solutions for on-premises and public cloud deployments
  • Auditing systems and networks for configuration weaknesses and vulnerabilities for on-premises and public cloud deployments
  • Hardening/Securing   of   Unix-like   systems, logging/detection, and general systems design for on-premises and public cloud deployments
  • Knowledge of security monitoring and automated response for on-premises and public cloud deployments
  • Enterprise Active Directory and GPO development for on-premises and public cloud deployments


 

Privacy Policy