Security Engineer

  • Sarajevo, Bosnia and Herzegovina
  • Employees can work remotely
  • Full-time

Company Description

Who we are: 

Forsta is the new brand for the merged businesses of FocusVision and Confirmit & Dapresy, and is a full-spectrum, Customer Experience and Research Technology solutions provider, servicing professional client enterprises directly. Our technology allows our clients to gather, analyze and share data for Voice of the Customer Programs & Market Research. If you want to join an exciting growth brand, then we are your natural choice.

Our Legal and GRC (Governance, Risk management and Compliance) department keeps us all out of trouble. This highly educated and astute group possesses lot of knowledge about how we work, how we sell, and about laws and regulations in the countries we operate in. They play critical roles in reviewing, negotiating and drafting contracts and agreements. Basically, they ensure we operate professionally, legally, and ethically with respect to everything we do.

Job Description

Reporting into the Security Operations Manager based in Bosnia and Herzegovinian and working closely with one UK and three US-based team members, you will perform an integral role within the organization responsible for security engineering. This might involve implementing and testing new security features, planning computer and network upgrades, troubleshooting, and responding to security incidents.

 

The individual will be a hands-on specialist directly responsible for security engineering tasks, ensuring the compliance and security posture of Forsta. Overall, you will ensure that security is integrated into all aspects of IT engineering and promote a safe and secure operating environment.

Focused regionally to provide global support across time zones, the Legal and GRC function comprises two specialist areas: (1) a dedicated Legal team for our critical transactional work (customer, partner and supplier relationships), legal operations, and all types of advisory work including strategic projects, intellectual property, real estate, disputes, employment, and data privacy; and (2) an information Security and GRC team, responsible for Forsta’s approach to governance, risk management and compliance, at board level and throughout the company. Coordinated GRC activities (e.g., Information Security, Privacy, Enterprise Risk Management programs) enable our organization to reliably meet its objectives while addressing uncertainty and acting with integrity and transparency.

Join us and bring your unique talents, perspective and ideas - and make us even better!

 The primary responsibilities of this role are to:

A security architect creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches to new technologies. At this level, you will:

·     Identifying security measures to improve incident response

·     Responding to security incidents

·     Coordinating incident response across teams

·     Performing infrastructure security assessments and working with the application security specialists to resolve vulnerabilities

·     Developing technical solutions to security vulnerabilities

·     Assist in the research of new attack vectors and developing threat models

·     Automating security improvements

·     Assist to recommend security controls and identify solutions that support a business objective

·     provide specialist advice and recommend approaches across teams and various stakeholders

·     advise on important security-related technologies and assess the risk associated with proposed changes

·     help review other people’s work

·     Assist in the research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions

Technical Skills

•      You have a deep and broad understanding of IT systems and services having worked previously as a penetration tester or network engineer

•      You can effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders. You can manage stakeholders’ expectations and be flexible, adapting to stakeholders’ reactions to reach consensus.

•      You can interpret system architectures and translate into technical designs.

•      You can work to capture as-is design, document, and review, delivering a risk-based assessment to the efficacy of the design’s security engineering

•      You possess a good working technical knowledge of network and web protocols, infrastructure, authentication, log management and multiple operating systems and databases

•      You have strong knowledge of system architectures. You can understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities.

•      Bachelor’s degree in IT Security, or related vocational qualification such as: CompTIA Security+, CompTIA Network+,

•      Knowledge of at least two of the following key standards; SOC2, ISO 27001, HITRUST and NIST 800-53 (FedRAMP) Execute and track the performance of security measures to protect information and network infrastructure and computer systems.

•      Configure, troubleshoot and maintain security infrastructure software and hardware.

•      Install software that monitors systems and networks for security breaches and intrusions.

•      Prepare and document standard operating procedures and protocols

•      Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks

•      Ensure that the company knows as much as possible, as quickly as possible about security incidents

Qualifications

 

What you bring to the team

•         Team-oriented attitude with the ability to effectively negotiate and build consensus with various audiences during contracting activities, leveraging team members in the US and in Europe.

•         High attention to detail

•         Fluency in English

•         Must be capable of handling multiple assignments concurrently and possess excellent time management and organizational skills

•         Preference / experience of working in a fast-paced commercial environment. 

Additional Information

What we offer:

Forsta is a great place to advance your career, and we have an amazing culture. To those of us who already work here, Forsta is more than “just another job”. We work hard, but Forsta is an employer that provides ample opportunities to learn, grow, and express creativity. The management team has an open-door policy and encourages collaboration at every point in every process. Our team members are much more than just co-workers – we’re all friends working toward a common goal.

  • Opportunity to work in a fast-paced, market leading SaaS company, with colleagues and customers from all over the world and an experienced executive leadership team
  • Exciting challenges in an international environment
  • Competitive salary and regular performance reviews
  • Flexible location and working environment – possibility to work from home
  • Benefits like generous vacation days, employee referral bonuses, Employee Support Program, Internal Mobility program, etc.
  • and many more…

Interested in joining a great team?

If you have the qualifications listed above and want to join a great team, apply now!

A copy of our privacy policy can be found here: https://www.forsta.com/privacy.html 

 

Our privacy policy can be found here: https://www.forsta.com.privacy.html 

Privacy Policy