We are looking for a skilled IT Security Engineer with an enthusiastic mindset to join our Infrastructure and Security team. This team is the heart of Kivra and is building and supporting a large, scalable platform for all our services. The platform provides distributed systems that handle all our data with great reliability and security.
What you'll do
At Kivra we consider IT Security as being part of our core business. We provide digital content to almost 5 million people who all rely on us to protect their data and assure it is always available. You'll play a key role in Kivras Infrastructure and Security team, where you will work alongside great colleagues with a strong focus on building and improving our security posture. Your focus will be on assessing current security setup, implementing new security measures, evaluating new tools and driving the technical and system related security initiatives at Kivra alongside our Application Security Manager. We also expect you to be able to chip in on our regular Sysadmin/Devops tasks when needed and possible.
You will be working with:
- Security Operations
- Network Security
- Server Security
- Client Security
- Cloud Security (GCP and AWS)
- Information Security (protecting information / reporting on breaches)
- Identity and Access Management
- Security Monitoring and alerting
- Investigations and forensics
Our infrastructure is based on:
- Distributed systems, micro service architecture (Docker and Kubernetes)
- Automation and provisioning with Ansible and Terraform
- Colocation and Google Cloud Platform using CentOS
- Web stack: Nginx, HAProxy, Google LB
- Monitoring and logging: Zabbix, Sentry, Pagerduty, Splunk
- Zookeeper, Kafka, Python, Erlang and some Java backend applications
- Self hosted hardware: HP, Cisco, MikroTik, Supermicro
- Database environment: Riak, PostgreSQL
- IAM: Google, MS AD, ldap
To be frank, we hire for attitude! Who you are and how you fit the team is super important. We thrive on being nice and helpful to each other and to the rest of the company! But to have fun at Kivra you also need to have strong skills in your area of expertise as well as Linux servers, Active Directory, Enterprise level IT system management and automation (e.g. Ansible/Terraform) paired with an equally strong sense of service. You should also be well versed in working in hybrid environments spanning from on prem to the cloud. And always with a focus on the security and stability of our services!
You will have worked with IT Security for a few years at least, having acquired the necessary skills in the field. You know NIST and CIS v8, and if you have worked with ISO27001/27002 that’s a nice bonus. We assume you have been working with implementing and maintaining technical IT Security defense and monitoring, as well as being a champion evangelist spreading the knowledge in all parts of the organization. And of course, you stay on top of the field working proactively with Cyber Intelligence!
You are well versed in hardening and securing servers, containers and network equipment as well as clients of all sorts. Making sure that IT Security is not a blocker for the business or for people's daily work while maintaining a strong security posture makes perfect sense to you.
We have a very warm and friendly culture and we expect you to take part in that naturally. We thrive on collaboration and teamwork, we expect personal initiatives and love strong opinions based on facts. Welcome!