Senior Security Engineer - Incident Response

Permanent contract (CDI)
Paris
Salary: Not specified
Frequent remote work
Experience: > 5 years

Swile


The position

Job description

🦾 Key Responsibilities

As a Senior Security Engineer specializing in Incident Response, you will be central to our incident handling efforts, applying your technical expertise and leadership. Your responsibilities include:

Incident Response & Forensics Leadership:

  • Leading N3 Incident Response: Managing complex security incidents from detection to resolution, including in-depth investigations and digital forensics in support of SOC investigations.

  • Driving Mitigation & Recovery: Coordinating and leading cross-functional teams (including Development, Engineering Managers, Support, Security, and Legal) during critical incidents. Ensuring timely containment, eradication, and recovery by guiding teams to stop the incident, perform forensics, and apply the necessary patches.

  • Post-Incident Analysis & Follow-up: Conducting thorough root cause analysis, ensuring effective patching and remediation, and diligently following up to confirm long-term resolution and stakeholder awareness. Addressing the current gaps in follow-up caused by operational demands.

  • Process Improvement: Developing, refining, and documenting incident response procedures, playbooks, and escalation paths for increased efficiency.

  • Crisis Exercises: Designing and leading crisis simulation exercises with various scenarios to test and improve our incident response readiness.

Proactive Security & Cloud SecOps:

  • Cloud Security Tooling: Building and implementing robust cloud security tools and infrastructure to proactively prevent incidents when not actively responding.

  • Security Architecture & Best Practices: Contributing to architecture design reviews, promoting secure design, and ensuring secure deployment and maintenance of cloud architectures.

  • Automation: Improving and automating detection and response mechanisms.

  • Compliance: Actively contributing to the team’s objective of achieving ISO 27001 compliance, focusing on incident response and cloud security.

  • Security Operations Enhancement: Collaborating with the Security Operations Center (SOC) to optimize log analysis (using tools like Datadog) and enhance overall detection capabilities.

⚒️ Our tech stack

  • You do not need to be familiar with our technical stack or any specific functional area, but you should have a strong willingness to learn and adapt quickly.

  • Ruby/Rails, Typescript/React/Node.js

  • Android (Kotlin), iOS (Swift)

  • AWS/Kubernetes, PostgreSQL, Kafka, Redis, Snowflake, Datadog

💡 What's in it for you?

  • Impactful Role: A key role in a dynamic cybersecurity environment within the financial sector, addressing important challenges related to finance and fraud.

  • Collaborative Environment: Work within a scale-up culture with fewer silos and a focus on collaboration, where team members are engaged and interested in security.

  • Cloud-Native Focus: Opportunity to work with modern cloud environments and current security practices.

  • Growth Opportunities: Professional development and career progression opportunities within a supportive team.

  • Compensation: A competitive salary and benefits package.


Desired profile

  • Incident Response Experience: A minimum of 5 years of hands-on experience in incident response, with a track record of leading critical incidents end-to-end. We value leadership in guiding diverse groups towards incident mitigation.

  • Technical Expertise in Cloud Security: Solid expertise in cloud security (CloudSec), Infrastructure as Code (Terraform), and Python for automation and scripting. Experience with cloud environments (AWS/Kubernetes is an asset).

  • Digital Forensics & Log Analysis Skills: Proven experience in digital forensic investigations and proficiency with various log analysis and forensics tools. Experience with Datadog is a nice plus.

  • Leadership & Communication: Ability to lead and coordinate large, cross-functional teams under pressure. Clear verbal and written communication skills are important for conveying technical issues to all stakeholders.

  • Proactive & Structured Approach: Ability to work autonomously on building new tooling, documentation, and procedures when not actively responding to incidents.
