What would be your role?
The Security Team is responsible for making sure all of Casumo's products are designed and implemented to the highest security standards. We are looking for an engineer who is passionate about security and help us keep building features and tooling that will protect our players and our employees alike. The Information Security Engineer will support the business with design, testing, implementation and upkeep of state-of-the-art secure application systems, networks, and database products as well as peripheral tools and services that helps the rest of Casumo safeguard the integrity of their data, irrespective of the location of the data. This person must have the ability to work in a team environment with fellow engineers, analysts, regulators, vendors and customers. The ability to effectively communicate both verbally and in writing is essential.
An Information Security Engineer at Casumo will:
Develop and maintain cybersecurity artifact, tools and processes for production and office systems;
Champion security with different teams to make their infrastructure more secure, primarily through automated tools and manual code/architecture review
Design, build, maintain, and operate innovative tools to continously enhance our security
Be the first response and remediation for security-related incidents
Consult, evangelize, and educate about conceptual and practical security to groups of varying sizes, disciplines, and experience levels
Engage and participate in the security community, and keep abreast of information security incidents in the wild and training to ensure cutting-edge knowledge is within the business.
Profile and required technical skills
Computer Science/Software Engineer B.Sc. Degree and 3 to 6 years of related software engineering experience or equivalent combination of education / experience.
You have experience in securing systems against attacks in several areas of security but most notably at the infrastructure and network layers; including knowledge about internet security, CDNs, VPNs, firewalls, SSL and secure network design in relation to always-online systems.
You've built a strong foundation and you have in-depth technical knowledge of security engineering, authentication, security protocols and applied cryptography.
You understand security in distributed systems at scale in modern architectures and written by modern development teams.
You are confident working in Linux environments and comfortable working with tools like git and scripting languages such as Python.
You are familiar with, or are willing to learn and embrace open-source tools such SaltStack, Ansible, ELK and Grafana.
Knowledge of tools and applications such as MySQL, RabbitMQ, Docker, Vagrant or Jenkins are considered an asset.
Self managed, driven, curious and a team player that likes freedom with responsibility and would feel comfortable in an environment of developer anarchy.
Acts responsibly with sensitive and confidential information.
Able to travel if required and appreciates that some black-hat hackers work at unsociable hours.
It’s a plus if you have experience with transaction-heavy, distributed systems, messaging, microservices and automated provisioning techniques.
Certifications such as CISSP would be considered as a bonus but not essential.
Genetically engineered replicants can apply but must be able to pass the Turing test during interview.