Summary
The Senior Security Engineer will act as a technical expert in supporting the day to day activities of the department in order to maintain the confidentiality, integrity and availability of the organisations information assets.
They will also help to design/innovate, deploy and manage security controls in a highly secure global SaaS organisation that has multiple certifications such as PCI DSS, ISO/IEC 27001, SOC & HIPAA.
Carrying out activities such as secure code review, vulnerability scanning, penetration testing, endpoint protection, SIEM reviews and security detection in multiple SaaS environments.
The Senior Security Engineer will develop an effective working partnership with DevOps/Developers, to ensure security best practices are embedded into their processes/pipeline, as well as working closely with the Architecture and the Operations teams to embed security into activities and projects, based on our standards.
About Smart Communications
Smart Communications is a leading technology company focused on helping businesses engage in more meaningful customer conversations. Its Conversation Cloud™ platform uniquely delivers personalized, omnichannel conversations across the entire customer experience, empowering companies to succeed in today’s digital-focused, customer-driven world while also simplifying processes and operating more efficiently. Smart Communications is headquartered in the UK and serves more than 650 customers from offices located across North America, Europe, and Asia Pacific. Smart Communications’ Conversation Cloud platform includes the enterprise-scale customer communications management (CCM) power of SmartCOMMTM, forms transformation capabilities made possible by SmartIQTM and the trade documentation expertise of SmartDXTM. In 2021, the company acquired Assentis, a leading European software solutions provider specializing in customer communications management (CCM) with a focus on the financial services industry. To learn more, visit smartcommunications.com.
Who are you?
You have a proven track record working as a security engineer in Cloud environments but are looking to take on a new role to broaden your experience.
You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with PCI DSS, ISO/IEC 27001 and SOC & HIPAA controls.
You thrive in searching for answers on technical security issues.
The responsibilities of the role include:
- Undertaking activities such as secure code review, vulnerability scanning, penetration testing, endpoint protection, SIEM reviews and security detection in multiple SaaS environments
- Monitoring, actioning and reporting on security events
- Tracking and remediating information security vulnerabilities
- Reporting on the status of information security and compliance across the business and working partnership with DevOps/Devs
- Supporting the team in compliance and information security activities for certification requirements
- Completion of security questionnaires/RFP’s
- Engage with prospects and customers in regards to their security requirements
What we're looking for:
Must have skills/experience:
- German and English speaking and written
- Demonstrable experience of managing security solutions (Secure Code Scanning, SIEM, IPS, IDS, Vulnerability Scanning, Penetration Testing,) directly, or through an MSSP, in a cloud-based environment
- Good experience with scripting languages, such as Java, PowerShell, Windows Shell Script etc.
- Windows Infrastructure and Linux Experience
- AWS Application Security Experience
- Clear and adaptable communication skills
- The ability to work independently, use your own initiative and to think creatively – as well as having a collaborative and team-oriented attitude.
- A clear development path that shows how you have progressed your career
Advantageous skills/experience
- Security certifications (CEH, CISSP)
- Threat Intelligence, Penetration Testing experience
- Alert Logic, Secureworks, Veracode, Qualys
- Experience with frameworks such as ITIL, COBIT 5
We look for the following core competencies in everyone we hire at Smart Communications:
- Analytical Ability – effectiveness in analyzing situations and identifying key issues.
- Planning and execution – monitoring progress, taking action when necessary to rectify situations / meet deadlines.
- Proactive – taking responsibility for making things happen.
- Social Magnetism – taking actions, that show awareness of one’s own impact on others.
- Teamwork – collaborating with and promoting collaboration between different parts of the business.
- Technical expertise – keeping up to date technically within one’s own functional area.
- Adaptability – stability of performance under uncertainty and pressure.
- Communication & influence – using appropriate interpersonal styles and methods of communication to influence others positively to obtain agreement between different interests.
What's the deal?We will provide you with the tools, equipment and support to give you the best possible chance of success and over-achieving your goals. Salary will depend on your experience and will be highly competitive. All our packages include an annual bonus based on the Company’s performance, so we are all incentivised to over-achieve!
In addition to a friendly, flexible and fun working environment, we provide a range of other benefits, including pension contribution and 25 days’ holiday allowance.
Since the start of the pandemic we have transitioned to complete remote working. We anticipate continuing to offer flexible remote working options, as such we’re open to candidates whose preference is office-based, remote, or something in-between. However, the ability to attend meetings in our offices may be required as we transition to the “new normal”.
We have an office in Saarbrücken, Germany and our Technology Head Office is located in Elstree, UK.
So if we interest you, please let us know by applying for this position and tell us all about yourself.
Please note: we only consider applicants with current legal right to work in the countries in which our positions are based. All qualified applicants will receive consideration for employment regardless of race, colour, religion, sex, national origin, sexual orientation, age, disability, marital status or gender identity.
To learn more about Smart Communications visit:
https://www.smartcommunications.com/