Information Security Engineer
- Zagreb, Croatia
- Department: Corporate Security
- Office: Zagreb (Croatia)
At Infobip we dream big. We value creativity, persistence and innovation, passionately believing that it is through teamwork that we can all reach greater heights. Since 2006, we have been innovating at the edge of technological possibilities and are now shaping global communications of the future. Through 60+ offices on six continents, Infobip’s platform is used by almost 70% of the population, making it the largest network of its kind and the only full-stack cloud communication platform (cPaaS) globally. Join us on our mission to create life-changing interactions between humans and online services with new and unseen solutions.
Why is this role important at Infobip?
Every great company’s success starts with having a great product. To write our success story, it is essential that our global, cloud-based products are supported with a stable infrastructure. As a Security Engineer, you will have an impact on security aspects of the infrastructure and full application stack which makes the Infobip platform in multiple environments (dev, staging, production), dealing with challenges of protecting the security posture of a complex multi data-center architecture and continually improving it.
You know you are doing a good job when:
- Tools owned by Security team are managed and maintained to support the Infobip platform SLA.
- Vulnerabilities are detected early and mitigated in a timely manner.
- Security measures for the protection of computer systems, networks and information are implemented and monitored.
- Tools to assist in detection, prevention and analysis of security threats are properly implemented and updated regularly.
- Networks and systems are monitored for security breaches, with the use of software that detects intrusions and anomalous system behavior.
- Comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement are written.
More about you:
You possess at least:
- Experience with popular System Virtualization and application containerization.
- Understanding of security technology infrastructure components (Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, SIEM, Sandbox, Antispam and Security Audits).
- Understanding of Endpoint security solutions (antivirus, OS and File encryption, host-based intrusion detection, detection & response tools, file integrity monitoring and data loss prevention).
- Understanding the difference between TTP and IOC, with ability to consult different teams on TTP and/or IOC’s so they can create/modify rules, so that possible attacks are detected.
You possess (the more the better):
- Knowledge of securing, or monitoring cloud infrastructure, especially AWS/Azure
- Experience with Windows, MacOS, & Linux security hardening/monitoring techniques
- Experience with Vulnerability Scanners and ability to interpret and prioritize results of Vulnerability Scans and you know how to do initial risk assessment based on results.
- Experience in software development/scripting with building & integrating tools, especially by using web APIs to support automation of security tools.
- Calm while investigating security breaches, like to be a part of Incident response team where you should include steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and detect the extent of the damage.
- Ability to identify security event root causes by gathering and synthesizing evidence from a variety of disparate systems.
- Great awareness of cybersecurity trends and hacking techniques with ability to understand trend’s and techniques that will follow with written track how we can improve and protect from it (if we are not already protected).
- Knowledge on how to utilize SIEM solution for Threat hunting.
- General understanding how Machine Learning work’s in Security space.
- Experience with planning, researching and developing guidelines, procedures and technical requirements for Security tools.
- Top candidates will be comfortable working with a variety of technologies, security challenges.
- You are genuinely curious about how things work, you enjoy solving problems, working on them until you find the solution and understand their cause.
- You have an ability to adapt fast and like working in a high-paced environment.
- You build positive, lasting relationships with colleagues in the team.
- A degree in Computer Science, IT, Systems Engineering or a related qualification.
- Security certifications, publications, and/or security project contribution is a plus
Why you should consider this opportunity:
- Big and complex infrastructure – When we talk about a large system, we really mean it. We have datacentres all over the world, from Washington to Hong Kong, and they include around 200 physical and 2000+ virtual servers. Be a part of a system that is live 24/7 and generates traffic that measures in millions of messages every minute.
- Never a dull moment – We work with powerful companies with strong impact, which pushes us to work on the highest possible level. Work on uncharted challenges and push boundaries on a daily basis.
- Opportunity Knocks. Often. – Being a part of a growing company in a growing industry – we challenge you not to grow! Lots of opportunities for development; whether it’s horizontal, vertical, or angular, we want to support the path that you want to carve.
- Grow your knowledge – Learn as you go, starting from the internal education and onboarding from your colleagues, to our 3-day Dev conference, e-learning to attending conferences. Knowledge is for sharing, and learning is a path to growth.
- Compensation & Benefits – Competitive salary, travel allowance, expatriate compensation packages for your business trips, rewards and holiday bonuses, team buildings and other organised activities, company library, organised sports, kitchen stocked with the usual suspects... Talk about a balanced lifestyle!