Wallencore is a Canadian company with an American accredited software testing laboratory and a provider of innovative cybersecurity solutions and services (www.wallencore.com). Our software testing services comprise everything from functionality to automation and performance that enable us to offer behavioral adherence and quality solutions. Moreover, Wallencore offers a range of cybersecurity services that help our clients prevent and respond to evolving threats, including penetration testing, vulnerability assessments, social engineering, digital forensics, etc.

Wallencore is looking for a talented hands-on DevOps professional to help architect and manage the secure operation of the company’s and our client's cloud-based technical infrastructure. This role includes responsibility for technical security implementation, administration of network security systems, creating and maintaining accurate technical documentation, and a lead role communicating our technical solutions with internal compliance and external security auditors. If you have a passion for cutting edge cloud services, a deep interest in cybersecurity architecture and information security technologies, have the ability to convert complex requirements into efficient designs, and enjoy working in a fast-paced environment with talented engineers then Wallencore is for you.

Job Title: DevOps Security Engineer

Job Description:

As DevOps Security Engineer, you will be a primary owner of Wallencore's technical security administration and reporting responsibilities ranging from planning, implementation, and administration of network security technology for our corporate, development, and production infrastructure on the Amazon AWS cloud. You will be required to implement and upgrade cloud compute instances, databases, and network infrastructure using security best practices. The successful candidate will have a lead role in security technology selection, deployment, and ongoing management for mission-critical production services. This role requires excellent written and oral communication skills as you will be interfacing with Wallencore's customers, management, and internal functional teams at all levels. 

Key Responsibilities:

• Serve as a key member of the DevOps team with a focus on security while managing the overall system health, performance, and capacity of Cloud9 internal and client-facing systems.
• Contribute to Continuous Integration and Continuous Deployment (CI/CD) solutions in an AWS.
• Contribute to automation of our code delivery pipeline with the goal of one-click deployments, rollbacks, and parameterized builds.
• Lead projects through design, pilot, and deployment for new security solutions across a large-scale production cloud environment.
• Implement, configure, and upgrade cloud computer systems, servers, firewall, intrusion detection, and network infrastructure using security best practices and incorporating solutions to meet or exceed SOC2, ISO 27001, and other regulatory requirements.
• Research security trends and emerging technologies, identify our business and technical requirements, perform technical evaluation, and support deployment of multi-regional security solutions.
• Review implementation of security controls and evaluate effectiveness, make recommendations for improvements.
• Experience in writing Infrastructure as Code (IaC) in an AWS cloud-based environment via an infrastructure CI/CD pipeline.
• Operational expertise working in at least one of Identity and Access Management, Network Security, Data Security, Digital Security, PKI.
• Experience with Terraform coding and deployment; Docker and Kubernetes also nice to have.
• Experience with some of the Cloud Native security tooling in areas of Vulnerability Management, Encryption, Cloud security, Network security.
• Good understanding of AWS IAM, VPC, Security group, and KMS.
• Experience with delivering in an Agile manner, particularly Scrum.
• Collaborative, keen to learn, and quick to adapt.
• Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation, and advocacy on audit responses.
• Keep abreast of security incidents and act as the primary control point during information security incidents.

Qualifications:

• Bachelor’s degree preferred in the fields of Cyber Security, Computer Science, Information Security, IT Engineering, Information Systems, a related field of study, or an equivalent combination of education and work experience.
• 2+ years related experience.
• Experience in working with company/client or equivalent vendor-mandated methodologies.
• Proficiency in English with excellent academic writing skills.
• Experience with penetration testing standards and methodologies such as OWASP, PTES, PCI DSS, OSSTMM, ISSAF, NIST Cybersecurity Framework, MITRE ATT&CK, etc.
• Experience in different penetration testing strategies such as Black Box, White Box, and Grey Box.
• Extensive knowledge of computer networks.
• Extensive knowledge of cryptography, reverse engineering, and wireless technologies.
• Knowledge of common security protocols and the technologies used to exploit those protocols.
• Familiarity with the OSI Model and TCP/IP Model.
• Proficient in Microsoft Windows operating systems.
• Proficient in Linux-based operating systems such as Ubuntu, Kali Linux, Parrot OS, etc.
• Proficient in security assessment tools such as Aircrack-ng, Burp Suite, Shodan, etc.
• Comfortable using the command line interface of Linux Terminals.
• Experience in setting up virtual machines using virtualization software such as Virtual Box, VMware.
• Ability to apply structured problem solving (taking a large, complex problem and breaking it down into components, involve others as needed, drive resolution).
• Ability to set a vision and drive tactical execution, willing to roll up the sleeves to complete projects in an environment with competing deadlines.
• Enjoys working in a fast-paced changing environment; ability to be flexible and resilient.
• Excellent time management skills with the ability to organize and prioritize effectively.
• High aptitude for managing and solving tactical issues.
• Impact, influence, and successful stakeholder engagement experience across multiple sites and levels of leadership from new managers to senior leaders.
• Meticulous approach towards the delivery of their work with an eye for details.
• Poise, maturity, and interpersonal skills to deal professionally and effectively with senior management.
• Polished communication skills, active listener, and ability to synthesize high-level technical information.
• Strong analytical skills, ability to create viable solutions, innovation, and ability to execute flawlessly.

Personal Attributes:

• Passion for the business-driven and committed;
• Great Team player;
• High integrity;
• Excellent communication skills and ability to work with different personalities and temperaments;
• Flexible and adaptable to a rapidly changing environment;
• Able to work autonomously and proactively;
• Proven influencer and negotiator;
• Creative and excellent problem solver;
• Tenacious;
• Self-starter and self-motivator;
• Ability to multi-task;
• "Can-Do" approach to a wide and rapidly changing workload;
• Willingness and ability to accommodate different time zones;
• Willingness to work from time to time over extended hours to achieve goals set by immediate manager or top management.

What will you benefit:

• Private Health Insurance;
• Opportunity for employment in a global company;
• Continuous professional development through on-the-job training.

Place of work:

Prishtinë, Republic of Kosova.

How to apply:

To be considered for this exciting opportunity, please send your CV, letter of motivation, and supportive documents to [email protected] by July 30, 2021 at the latest. Please state clearly “DevOps Security Engineer and your full name” in the subject line.