Company DescriptiondxFeed is the leading provider of data services for the Capital Markets industry, sourcing and storing direct market data feeds from a variety of exchanges and market participants around the world, having built one of the most comprehensive ticker plants, in addition to offering the broadest range of data services for streaming, consolidation, storage, extraction, analytics, including index construction and maintenance for buy-side and sell-side institutions of the global financial industry.We are looking for Security Engineer to join the team.Job DescriptionWe expect Security Engineer to:evaluate the security strategies and technical implementationsgather system requirements, working together with application architects, systems engineers and CISOsecurity operations, monitoring, threat analysis, alerting setup and investigation responsediscover security services offeringsdevelop technical solutions and new security tools to help mitigate security vulnerabilities, automate repeatable tasks, prevent issuesensure compliance with security policies and guidelinesensure that the company knows as much as possible, as quickly as possible about security incidentsorganize regular security assessments on new and existing products to find potential vulnerabilitiesprovide security guidance on new products, technologies and proposed architecture solutionstake an active role in driving internal security and privacy initiativescommunicate directly to software, hardware and cloud vendors on security and vulnerability-related topicschoose, setup, configure and administer security products and toolsanalyse security alarms and prepare run books / escalation guidelines for on-duty teamsrespond and record results of security incidents, performa post-mortem analysisparticipate in new vendor/supplier on-boarding checksassess security policy, run auditswork together with other teams to secure the Cloud and on-premise/datacenter deployments, setups and ongoing everyday processesimplement hardening concept for network equipment / operating systemscreate automated security auditing and monitoring tools and enhancementsQualificationsRequirements:experience in setup, review and analysis of security alarmssecurity tools administration experienceunderstanding of networking, IP addressing and Industry Security standardsaccurate and logical approach to resolving issuesdesire to learn, suggest and implement new solutionsworking on the implementation and maintenance of our security event monitoring toolingbuilding our security incident management and forensics capabilitiesworking with the Infrastructure team to review and manage our access controls and identity managementrunning the vulnerability management tools, analysing results and applying remediationsmanaging tooling to effectively detect and respond to security incidentsevaluating the impact of current security trends, advisories, vulnerabilitiesbuilding tooling for internal use that enable the team to operate at high speed and at scaleperforming and automating in-house network and host security testingmanaging third-party penetration testsacting as incident manager and running interactions with external incident response and forensics teams in the event of a major incidentworking with infrastructure teams to ensure that programmatically-driven security policies are correctimplementing security orchestration and automation on top of existing solutionsexperience in hardening Cloud, Linux and Network concepts/approachsbe familiar with compliance frameworks or standards (e.g. SOC2, ISO27001, GDPR)AWS Security Certifiedmentoring other engineers in securityscripting/coding experienceautomation and CI/CD experiencehands-on OS operation skills (Linux)good communication skills and fluent in English
