Nexxiot is digitalizing freight asset management with technology that now oversees the world’s most extensive network of connected intermodal containers and railcars.
Clients gain access to unparalleled real-time data, which streamlines fleet management and automates logistics processes. Nexxiot devices, built for resilience, withstand extreme conditions and provide long-term, detailed insights into cargo events, including impacts, delays, safety and security incidents, and loading activities.
Based in Zurich, Switzerland, Nexxiot’s influence extends globally. Our team, comprised of industry experts, operates from offices in Europe and North America and maintains a presence in a majority of depots, ports, and rail yards.
To learn more about how Nexxiot is leading the value generation for the rail industry, please visit www.nexxiot.com.
As a Cybersecurity Engineer working at Nexxiot you are part of an interdisciplinary agile Site Reliability Engineering (SRE) team, responsible for implementing secure, compliant, reliable, scalable, and resilient cloud infrastructure. Working closely with the rest of the team your goal is to design, implement and test cloud infrastructure solutions and to operate and maintain the resulting software and cloud infrastructure services according to our Site Reliability Engineering (SRE) practices and with focus on cybersecurity. As Cybersecurity Engineer you are reliable and pragmatic, taking the right tools for the job, you love reading and learning new things to the degree needed to get the job done.
Profile Description
You are a curious and open-minded team player who is keen to learn and apply effective and innovative solutions. Goal oriented, well organized, and comfortable to work independently. You prefer to automate recurring tasks and to create tools and procedures that help to conduct manual activities semi-automatically. You have technical writing capabilities (in English) which enable effective and understandable write-ups of knowledgebase entries and to document your software services, procedures, and tools. You are fluent in English having decent communications skills and you feel comfortable working remotely, asynchronously collaborating with your team members via chat channels, audio, and video calls.
Responsibilities
- Collect relevant cybersecurity information (e.g., vulnerabilities, misconfigured systems, ...), process them, turn them into actionable mitigation measurements, and coordinate their implementation across teams.
- Establish cybersecurity related tools, metrics and KPIs, reporting them to the Chief Information Security Officer (CISO).
- Design, evolve and implement cybersecurity framework and guidelines in collaboration with the Chief Information Security Officer (CISO).
- Implement Software Bill of Materials (SBOM) and Open-Source Software License Management related tools, processes, metrics and KPIs and establish them across all software engineering teams.
- Organize and participate in security and compliance audit activities and support in closing gaps.
- Design and implement security and compliance related cloud infrastructure components and services including testing and writing technical documentation according to continuous integration best practices and regulatory requirements.
- Participate in agile software development activities (e.g., stand-ups, planning meetings, demos. retrospectives, …).
- Act as onboarding buddy for new team members.
Qualifications
- Over 5 years of experience in similar positions.
- Familiar with cybersecurity related technology, concepts and frameworks like OWASP, Threat Modelling and Threat Intelligence, SIEM, Zero Trust, Data Leakage Prevention, Vulnerability Management, static and dynamic Code Analysis.
- Familiar with software compliance related technology, concepts and frameworks like SBOM and Open-Source License Management.
Skills
- Open-minded team player, taking end-to-end responsibility to get things done.
- Good conceptual skills in developing solution designs, communicating, documenting, and implementing them.
- Fluent in English spoken and written.
- Effective communication and collaboration skills, you will be part of a remote team that collaborates asynchronously using tools like Slack, GitLab, Confluence and JIRA.
- Curious and eager to learn to master new tools, technologies, and methodologies.
- Experience in writing and operating infrastructure as code with focus on reliable day two operations and security.
- Acquainted with the Git version management system (e.g., Gitlab) and CI/CD best practices (e.g., Gitlab pipelines).
- Linux/Unix and shell knowledge.
- Experience in writing software in at least one of the following programming languages: Kotlin, TypeScript, Rust, Go.
- Familiar with public cloud infrastructure concepts, experience with Amazon Web Services (AWS).
- Experience with monitoring systems like for example Datadog, Grafana, Prometheus or CloudWatch.
- Experience in writing and operating secure, highly available and scalable containerized software services on top of Kubernetes or Docker is a great plus.
We will not consider CVs from agencies.
