Infrastructure Security Engineer

This job is for an Infrastructure Security Engineer at Ivalua, a leading provider of cloud-based procurement solutions. The role involves working with InfoSec, IT, and R&D teams to ensure the security of the company's enterprise-class SaaS service. The Infrastructure Security Engineer will be responsible for implementing and monitoring technical security controls, conducting security impact assessments, reviewing firewall rules, analyzing vulnerability reports, and addressing security issues in the infrastructure and product. They will also lead security projects, collaborate with various teams, and support compliance initiatives.

• Identify and recommend technical security measures to address security threats and lead security projects related to infrastructure security
• Review and develop security design and architecture of Cloud Infrastructure and Applications
• Implement, administer, and troubleshoot endpoint, server, network, and cloud security technologies
• Define and lead the vulnerability management program, including infrastructure vulnerability scanning and penetration testing
• Collaborate with the SOC team to improve security investigation and threat intelligence processes
• Collaborate with IT operations, engineering, and development teams to manage and remediate security incidents
• Support technical security controls related to compliance initiatives
• Assist customer and prospect facing teams with technical security questions
• Act as the SME on infrastructure security and collaborate with internal teams to review and improve technical architecture and operational processes

• 4+ years of experience in infrastructure and network security engineering/architecture, protocols, and tools
• 3+ years of hands-on experience in deploying security technologies such as DLP, Database Activity Monitoring, MDM, NAC, IDS/IPS, CASB, etc.
• 3+ years of experience in assessing infrastructure and web application vulnerabilities
• Experience with scripting languages such as Python and PowerShell
• Knowledge of Active Directory, including key concepts, main attacks, and hardening
• Knowledge of cryptography concepts, encryption algorithms, protocols, keys, and certificates management
• Proficiency in Windows and Linux operating systems and MS SQL database
• Proficiency with cloud technology and deployments, specifically Microsoft Azure (required), and familiarity with Amazon Web Services and Google Cloud (good to have)
• Experience with security aspects of operating SaaS environments
• Experience with security incident response and investigation
• Ability to show initiative and drive progress and improvement
• Ability to foster collaborative and open working relationships with technology and other stakeholders
• Experience with security compliance and certification programs such as OWASP, NIST, FedRAMP, PCI, SANS CIS 20
• Information Security qualification or evidence of working towards certifications such as CISSP, OSCP, Azure GPEN, or similar
• Ability to handle multiple tasks, prioritize, and meet deadlines
• Prior experience in financial services, government, or any other relevant industry.

• An innovative and stimulating work environment
• Great training and career development
• Opportunity to work with a diverse and global team
• Regular social events, team sports, or musical activities
• Focus on customer experience, agility, pragmatism, positive attitude, enthusiasm, team play, continuous learning and improvement, and accountability
• Recognition and awards for company culture, women, and diversity