Infrastructure Security Engineer at Deimos

As part of the Site Reliability Engineering team, you will participate in maintaining secure infrastructure solutions across a multitude of domains. You will be responsible for driving security best practices in the cloud-native space across multiple cloud providers. Cloud-Native Infrastructure Security Engineers are responsible for the proactive improvement of the infrastructure security posture in the cloud.

You will report to the Director of Site Reliability Engineering who is on a mission to deliver high-value projects built to the best of our ability.

What you will be doing in this role:

• Be part of incorporating security awareness into the company while guiding and training our ever-growing engineering team in security best practices.
• Help identify, review, and adopt new cloud security practices within the engineering teams.
• Identify and mitigate infrastructure security issues in cloud infrastructure.
• Participate in code reviewing infrastructure as code to assist site reliability engineers in identifying and reducing security risks.
• Review cloud infrastructure configuration, networking, and security group rules on cloud platforms.
• Assist with configuring and continuously improving WAF rules.
• Implement security related logging, monitoring, and alerting on an infrastructure level.
• Respond to production-level security incidents, and perform root cause analysis.

What it takes to succeed in this role:

• Proven work experience in cloud engineering within the security space and/or worked on security initiatives and projects.
• Understanding of security standards, best practices, and security knowledge frameworks such as OWASP, CIS, etc.
• Good experience and knowledge of linux systems and operating system security hardening practices.
• Experience and understanding of docker containerisation.
• Experience in working with Kubernetes.
• Worked with infrastructure deployed within cloud providers like Google Cloud Platform, Amazon Web Services or Azure.
• Experience in analysing logs on various cloud providers as well as platforms such as ELK and/or Grafana Loki.
• Worked with intrusion detection and real-time security monitoring tools.
• Experience with using infrastructure as code.
• Experience in managing and configuring Web Application Firewalls.
• A solid understanding of cloud networking best practices.

The ideal candidate has:

• Proven ability to learn new technologies quickly.
• Excellent problem-solving and communication skills.
• Critical thinking.
• Solid dependable team player.
• Exceptional customer service skills.
• Great communication skills. 
• Enjoys solving many problems per day.