Job Description

Softjourn is looking for a Senior Security Engineer!

About The Project

The client is an American bank. They have several projects. They are currently looking for a dedicated team focused on Salesforce and Mulesoft. The client plans a migration from the old bank platform to the new one based on Salesforce. This would be a project from scratch. The current status of the project is preparing for the definition phase. They are looking for resources to help them define the scope, required people, budget, etc.

Requirements

• 5 – 6 years of experience as a Security Analyst;
• Bachelor’s Degree in information security, information technology, and information security assurance;
• Working knowledge and understanding of Cloud security (Salesforce Cloud etc.), data security, network security, identity, and access management, policy management, and risk management;
• A deep understanding of Information Technology (i.e., Active Directory, Firewalls, Routers, Infrastructure, Databases, Logging, Monitoring, Change Management, Segregation of Duties, Cybersecurity, Physical Security, IT operations, Network Security, SIEM, DLP, EDR, and Cloud Computing);
• Experience with various scripting languages (Bash/PowerShell/Python);
• General Information Technology and Computer Networking knowledge preferred;
• Demonstrated problem-solving and critical thinking skills;
• Strong verbal and written communication skills;
• Upper-intermediate level of English.

Responsibilities:
• Monitor events and triage alerts across various security platforms;
• Monitoring security access;
• Conducting security assessments through vulnerability testing and risk analysis;
• Performing both internal and external security audits;
• Analyzing security breaches to identify the root cause;
• Continuously updating the company’s incident response and disaster recovery plans;
• Verifying the security of third-party vendors;
• Keep up to date with the latest security and technology developments.

Don't hesitate and send us your CV at hr@softjourn.com !

Powered by JazzHR

Quick response

Required Knowledge

• K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
• K0004   Knowledge of cybersecurity and privacy principles.
• K0005   Knowledge of cyber threats an`d vulnerabilities.
• K0021   Knowledge of data backup and recovery.
• K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
• K0058   Knowledge of network traffic analysis methods.
• K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
• K0104   Knowledge of Virtual Private Network (VPN) security.
• K0106   Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
• K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
• K0334   Knowledge of network traffic analysis (tools, methodologies, processes).

Required Skills

• S0007   Skill in applying host/network access controls (e.g., access control list).
• S0053   Skill in tuning sensors.
• S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
• S0077   Skill in securing network communications.
• S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities

• A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).