Security Engineer at Showmax

Apply now

Prague

 

PLATFORM SECURITY TEAM MISSION

The team will be responsible for the consistent implementation of DevSecOps principles and tools within our organization, extending and unifying existing security initiatives, providing continuous education and guidance, and further refine established security practices. 

Implement tooling for Patch and Vulnerability management, IAM/PIM and maintain the policies which are implemented across our organization. 

Lead threat modelling and security design reviews with engineering teams, provide subject matter expertise in resolving complex security problems. 

Cooperate with external entities providing services in the information security area (internal and external audits, penetration tests, code audits, etc.).

Enforce standard methodologies, processes and tools and ensure compliance to group security policies and overall company strategy. Develop and support the development of security testing and validation tooling.

 

PLATFORM SECURITY ENGINEER MISSION

  • Analyze the threat landscape in Showmax environment
  • Provide risk assessments and mitigation strategies
  • Implement and/or adopt security tools, resolving and preventing vulnerabilities everywhere in the stack
  • Interface with other engineering teams and help them with IT security projects implementation

 

REQUIREMENTS

  • English B2/C1. You will be communicating with peers from native english environment and need to be able to express your thoughts and ideas clearly
  • Any of the mainstream UNIX-like systems is the one you are comfortably working with as your main OS and you know enough to take care of GNU/Linux server side
  • Knowledge of the modern infrastructure as SRE/DevOps and CI/CD principles
  • You understand what parts and fundamental technologies make a modern user-facing application possible end to end
    • API/backend developer experience is a plus
    • Security researcher experience is a big plus
  • “Reasonably paranoid” mindset

TICK ANY (the more the better) OF

  • Good grasp over networking technologies and concepts
  • Understanding of security concepts for data at rest and data in transfer and technologies to implement them
  • Familiarity with OWASP Top 10, understanding of threat modeling
  • Experience with cloud infrastructure deployments
    • Hands-on experience with Amazon Web Services is a plus
  • Experience with SSO authentication systems
    • Hands-on experience with Azure Active Directory is a plus

BENEFITS

  • 25 days of holidays
  • 5 sick days
  • Annual bonus based on performance
  • Fully remote work possible
  • Flexible hours 
  • Equipment that you prefer - Lenovo or Apple laptop, monitors, etc.
  • Meal vouchers, MultiSport card
  • Education - internal knowledge sharing, conferences, online courses, time allocation for learning purposes
  • Ergonomic workspace, good coffee and snacks in the office

 

Not interested?
See other positions (22)