Job Summary:  

• Develop security documentation, training, and guidance for internal infrastructure and engineering teams.
• Consult with internal teams and assist with architecture, threat modeling, and reviewing systems and infrastructure.
• Identify vulnerabilities and weaknesses in architecture.
• Make appropriate recommendations and drive teams to implement those recommendations.
• Identify and implement security, technical and process improvements.
• Define and own metrics to determine the effectiveness of security controls.
• Apply comprehensive hardening to infrastructure platforms, deployment code, and images.
• Architect, build, automate, and operate automated security controls/tools and review capabilities.
• Responsible for championing security culture and excellence, exercising risk-based judgement and prioritizing remediation work.

Skills on Resume:

• Security Architecture (Hard Skills)
• Threat Modeling (Hard Skills)
• Infrastructure Hardening (Hard Skills)
• Security Automation (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Team Collaboration (Soft Skills)
• Security Training (Soft Skills)
• Risk Prioritization (Soft Skills)

Job Summary: 

• Analyse and implement perimeter email security and email routing solutions.
• Provide architecture assurance on messaging initiatives.
• Implementation of email security standards such as DKIM, SPF and DMARC.
• Maintain email security infrastructure, providing stability by developing tools, policies, processes and procedures for the operations teams.
• Provide a secure environment by implementing controls to manage and mitigate risks.
• Provide consultancy services to IT Security teams.
• Develop automated metrics reporting capabilities.
• Create, review, maintain and update documentation, including Documenting and Publishing fixes in the central knowledge base.
• Work with global colleagues to provide globally consistent processes and solutions.
• Investigate and troubleshoot root causes when escalated from operations.
• Escalate and liaise with additional internal/external groups.
• Input into Business Continuity Planning and Practices.

Skills on Resume:

• Email Security (Hard Skills)
• Architecture Assurance (Hard Skills)
• Standards Implementation (Hard Skills)
• Risk Mitigation (Hard Skills)
• Security Consulting (Soft Skills)
• Automated Reporting (Hard Skills)
• Documentation Management (Soft Skills)
• Root Cause Analysis (Hard Skills)

Job Summary: 

• Responsible for the company’s infrastructure security, including cloud service security, intranet security, office network terminal security, and anti-virus.
• Perform operating systems (Linux and Windows) and application vulnerability scans.
• Perform a security baseline scan and reinforcement.
• Identify risk and propose solutions.
• Responsible for in-use open source component security, supply chain security threat information, and participating in emergency reactions to vulnerabilities and incidents.
• Research on common invasion methods, identify network intrusions and track abnormal terminal behaviour.
• Participate in database security management and propose enterprise security specifications and standards.
• Analyse logs and traffic, identify abnormal behaviour from massive logs, set up threat modelling, and do security analysis.
• Operate and maintain a hosted intrusion protection system (e.g., HIDS) for network intrusion discovery, blocking, tracing, and forensics.

Skills on Resume:

• Infrastructure Security (Hard Skills)
• Vulnerability Scanning (Hard Skills)
• Risk Identification (Hard Skills)
• Incident Response (Hard Skills)
• Network Intrusion Detection (Hard Skills)
• Threat Modelling (Hard Skills)
• Security Analysis (Hard Skills)
• Security Standards (Soft Skills)

Job Summary: 

• Ensure that the Infrastructure Manager and Head of IT Service Delivery are kept informed of progress and, in particular, are told of major problems and/or issues in a timely manner.
• Identify, evaluate and recommend patch management solutions that meet the business and technology needs, limiting impacts on users and implement, coordinate and monitor processes related to patch management governance.
• Act as a patch management expert and advisor, and develop strategies and processes for effective patch management.
• Participate in the creation and update of patch management governance policies.
• Ensure the latest security threats are understood and patch management is maintained in all environments, including production, UAT, test and Dev.
• Manage the patching process and schedules to keep systems secure across the corporate estate.
• Project manage the lifecycle of patches, ensuring they go through appropriate testing, and plan the deployment.
• Ensure a successful roll-out of security component updates within all environments.
• Ownership and management of the Patch Management Process across the estate.
• Work with the InfoSec team to ensure that all available patches are reviewed for relevance, impact, and vulnerability score to determine proper installation scheduling.
• Coordinate with the InfoSec team to determine actions required to mitigate or remove.
• Ensure all patches are tested in a safe environment prior to deployment.
• Develop KPIs and reporting that are relevant and measurable to the work of Technology Support and provide regular progress reports.

Skills on Resume:

• Patch Management (Hard Skills)
• Security Updates (Hard Skills)
• Governance Policies (Soft Skills)
• Risk Communication (Soft Skills)
• Project Coordination (Soft Skills)
• Vulnerability Assessment (Hard Skills)
• KPI Reporting (Hard Skills)
• Cross-Team Collaboration (Soft Skills)

Job Summary: 

• Keep abreast of emerging security technologies and discipline developments.
• Research and implement new technologies to enhance the firm's security posture.
• Work with developers, system/network administrators, and other colleagues.
• Ensure secure design, development, and implementation of applications and networks.
• Monitor appropriate venues for threats to the security of the client environment.
• Provide notification to all impacted parties related to the actions needed to mitigate threats.
• Manage and lead evaluations of the firm's environment by external third parties, including periodic penetration tests.
• Produce recommendations that integrate any findings with the business needs of the firm.
• Maintain knowledge of the information security needs of firm clients and implement measures to satisfy those requirements in the most efficient manner.
• Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts.
• Lead and manage security design and architecture efforts globally, along with other security team members.
• Together with security team members, manage events generated from all security monitoring environments, including anti-virus, DLP, SIEM, intrusion detection, vulnerability management and content filtering systems, as well as those detected by the firm's managed security service provider.
• Support general troubleshooting related to information security.

Skills on Resume:

• Security Research (Hard Skills)
• Secure Architecture (Hard Skills)
• Threat Monitoring (Hard Skills)
• Penetration Testing (Hard Skills)
• Security Collaboration (Soft Skills)
• Risk Mitigation (Hard Skills)
• Client Requirements (Soft Skills)
• Security Troubleshooting (Hard Skills)

Job Summary: 

• Develop Infrastructure Security Strategy, Plans and Policies for the organization.
• Develop a set of security standards and best practices for the Engineering organization.
• Recommend and implement security enhancements.
• Develop strategies and deploy tooling to respond to and recover from a security breach.
• Develop company-wide best practices for application security in production.
• Monitor computer networks for security issues, security breaches, or intrusions.
• Conduct regular application and infrastructure security assessments.
• Install and operate security measures, such as firewalls and data encryption programs, IDS, security monitoring and alerting.
• Deploy software that helps to notify of intrusions, and watch out for irregular system behavior.

Skills on Resume:

• Security Strategy (Hard Skills)
• Security Standards (Hard Skills)
• Breach Response (Hard Skills)
• Application Security (Hard Skills)
• Network Monitoring (Hard Skills)
• Security Assessment (Hard Skills)
• Cross-Team Communication (Soft Skills)
• Problem Solving (Soft Skills)

Job Summary: 

• Conduct internal penetration testing, simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.
• Coordinate penetration testing with an external partner.
• Fix detected vulnerabilities to maintain a high-security standard.
• Plan for and Lead security incident response activities to minimize the impact.
• Lead technical and forensic investigation into the breach and identify the extent of the damage.
• Prepare reports of their findings with recommended actions for the management.
• Educate the workforce on information security through training and building awareness.
• Research security enhancements and implement.
• Ensure compliance with GxP, GDPR, HIPAA and SOC2 standards.
• Represent the company in Customer Audits.

Skills on Resume:

• Penetration Testing (Hard Skills)
• Vulnerability Remediation (Hard Skills)
• Incident Response (Hard Skills)
• Forensic Investigation (Hard Skills)
• Security Reporting (Hard Skills)
• Security Training (Soft Skills)
• Regulatory Compliance (Hard Skills)
• Customer Communication (Soft Skills)

Job Summary: 

• Build developer tooling and automation to support the underlying services that power the platform.
• Deliver clean interfaces and infrastructure for other developers to work on.
• Support (audit, patch and plan to progressively improve) the infrastructure for a highly available distributed data retrieval and processing system.
• Deploy new infrastructure to support the back-end services that power the Echosec open data search and aggregation products.
• Promote security best practices, manage user access and ensure principles of zero trust and least access are applied.
• Research and complete proof of concept designs.
• Improve the existing infrastructure's ability to be failure resilient, recoverable, secure and easier for the development team to build and deploy.
• Collaborate with the team to determine system logging and telemetry outputs and efficient DevOps practices.

Skills on Resume:

• Developer Tooling (Hard Skills)
• Infrastructure Automation (Hard Skills)
• System Reliability (Hard Skills)
• Security Best Practices (Hard Skills)
• Proof Of Concept (Hard Skills)
• Access Management (Hard Skills)
• Team Collaboration (Soft Skills)
• DevOps Practices (Soft Skills)

Job Summary: 

• Develop and implement Systems and Network Security initiatives.
• Ensure continuous alignment with security standards and requirements across Infrastructure environments managed by TPCi.
• Monitor industry trends around network and systems security.
• Keep requirements and solutions in line with the threat landscape.
• Define and oversee adherence with network security architecture standards for on-premises and cloud environments.
• Define and drive the implementation of network device, firewall, server, and workstation security configuration requirements.
• Implement security solutions and capabilities to limit risks to the TPCi infrastructure.
• Partner with IT to develop and implement corporate authentication platforms, including multi-factor authentication and privileged access management.
• Provide security expertise and consulting to partner teams in Tech and across the enterprise.
• Alongside the Information Security team, responsible for responding to and remediating security events/incidents.
• Collaborate with the Information Security team to ensure the successful completion of roadmaps and initiatives.
• Integrate security testing and controls into different phases of teams’ development lifecycles.
• Utilize agile methodology by making iterative progress toward achieving individual, team, and organizational objectives.

Skills on Resume:

• Network Security (Hard Skills)
• Security Standards (Hard Skills)
• Threat Alignment (Hard Skills)
• Firewall Configuration (Hard Skills)
• Authentication Platforms (Hard Skills)
• Security Consulting (Soft Skills)
• Incident Response (Hard Skills)
• Agile Collaboration (Soft Skills)

Job Summary: 

• Work with teams to implement, identify and advance security at Tesla.
• Conduct penetration tests and risk assessments of the environments relating to the product lifecycle.
• Identify software supply chain risks, design and implement mitigations.
• Audit deployment systems, cloud infrastructure and orchestration systems.
• Lead security initiatives and serve as a point of contact.
• Work with vendors, partners, and other Tesla teams to drive remediation.
• Conduct risk assessments to prioritize threats and compare mitigation strategies.
• Assist design teams in developing secure connected systems.

Skills on Resume:

• Security Implementation (Hard Skills)
• Penetration Testing (Hard Skills)
• Supply Chain Security (Hard Skills)
• Cloud Auditing (Hard Skills)
• Security Leadership (Soft Skills)
• Vendor Collaboration (Soft Skills)
• Risk Assessment (Hard Skills)
• Secure Design Support (Soft Skills)

Job Summary: 

• Proactively seek out new challenges and problems across the company plan, prioritize and engineer solutions to them.
• Respond to emerging Security Engineering issues impacting business units across the company.
• Code reviews across the team the job is to make everyone better.
• Set the standard and lead by example, set and document what, believe engineering standards should be.
• Hold other engineers on the team and across the company to engineering standards.
• Responsible for regular demos of products, the value they bring to the business and the roadmap for future development.
• Improve and implement outstanding security configurations and protection in infrastructures, including production, cloud, and office environments.
• Review, improve and support systems and network in accordance with in-house and worldwide security standards and requirements.
• Review and maintain the security perimeter and access control.
• Provide advice and mentorship to IT teams in the security area, and educate them in security matters.
• Participate in obtaining external security audits and certifications.

Skills on Resume:

• Security Engineering (Hard Skills)
• Issue Response (Hard Skills)
• Code Review (Hard Skills)
• Engineering Leadership (Soft Skills)
• Security Configuration (Hard Skills)
• Access Control (Hard Skills)
• Security Mentorship (Soft Skills)
• Audit Participation (Soft Skills)

Job Summary: 

• Provide security guidance on a new/existing cloud infrastructure and technologies.
• Assist development, QA and and systems engineers in incorporating security at every stage of product delivery.
• Look for vulnerabilities, security issues and risks in hardware and software.
• Find and implement the best methods and tools to secure the IT infrastructure and networks within the organisation.
• Constantly monitoring systems for attacks and intrusions.
• Perform threat modeling sessions in collaboration with the Internal IT, network and other internal teams to secure employee endpoints, email communication, file sharing systems and related processes.
• Perform a structured security risk assessment to identify, prioritize, and provide recommendations or solutions for issues found.
• Perform security review on third-party tooling and integrations (secret management, social media accounts, banking integrations, etc).
• Opportunity to participate in security on-call rotation and incident response.
• Learn about the banking system process.

Skills on Resume:

• Cloud Security (Hard Skills)
• Secure Development (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Infrastructure Protection (Hard Skills)
• Threat Monitoring (Hard Skills)
• Risk Assessment (Hard Skills)
• Security Review (Hard Skills)
• Team Collaboration (Soft Skills)

Job Summary: 

• Develop a proactive vulnerability and patch-management solution, showcasing a clear risk state of the infrastructure due to out-of-date software/hardware.
• Secure remote access with MFA, robust account management, state-of-the-art monitoring, and alerting.
• Utilize Infrastructure management tooling (Puppet, Chef, TF, Ansible) for consistent hardening configurations such as CIS benchmarks across cloud and on-prem infrastructure.
• Craft a strategy with tooling for the security of SaaS solutions such as G Suite, Slack, etc., deployed across the organization.
• Develop a third-party vendor review process for risk assessment and decision-making.
• Help manage and maintain InfoSec-owned services (AD, F5, SSO, Ansible, etc.) to maintain 24/7 availability.
• Work on incidents and requests for InfoSec, as well as provide escalation and troubleshooting on items from other teams.
• Review and analyze security-related logs, alerts and events across the environment as well as maintain awareness of threats “in the wild”.
• Assist with developing and enhancing processes (onboarding, offboarding, server builds, security metrics).

Skills on Resume:

• Patch Management (Hard Skills)
• Remote Access Security (Hard Skills)
• Infrastructure Hardening (Hard Skills)
• SaaS Security Strategy (Hard Skills)
• Vendor Risk Review (Soft Skills)
• Service Maintenance (Hard Skills)
• Security Incident Response (Hard Skills)
• Process Improvement (Soft Skills)

Job Summary: 

• Help secure infrastructure for the platform's AWS and GCP environments.
• Build, deploy and maintain tools to help with threat detection, incident response, vulnerability management, and abuse.
• Deploy and maintain a security log aggregation and detection system.
• Design and implement detection and remediation controls around AWS and GCP Infrastructure.
• Handle infrastructure security incidents and perform investigations.
• Evaluate and recommend infrastructure security tools.
• Create, review and maintain RBAC policies across AWS, GCP and Kubernetes in line with the principles of least privilege.
• Maintain and monitor the Centralised SIEM, including management of Security incidents, onboarding of new clients, and log sources.
• Maintain and monitor the Centralised Vulnerability management solution for the Managed Services Team, including the rollout of new agents and appliances, scans, and assisting with reporting and remediation programs.
• Maintain and monitor managed services EDR estate, including monitoring, incident management, configuration reviews, rollout, and onboarding of new clients and reporting.
• Maintain and monitor managed services firewall status, including incident management, patching, Healthchecks, and rule-based reviews.

Skills on Resume:

• Cloud Infrastructure Security (Hard Skills)
• Threat Detection Tools (Hard Skills)
• Security Logging (Hard Skills)
• Incident Response (Hard Skills)
• RBAC Management (Hard Skills)
• SIEM Operations (Hard Skills)
• Cross-Team Communication (Soft Skills)
• Problem Solving (Soft Skills)