Blog

May 27, 2021 Security Engineer

Who are we?

Denexus' mission is to build the global standard for Cyber Risk Quantification and unlocking the Risk Capital Markets to underwrite cyber risk at scale.

Join us in developing the world's first statistical engine for measuring industrial cyber risk.

Duties and responsibilities

. Participate in the process of building and fine-tuning of mathematical models helping the modeling team to understand and normalize information from a cyber-security perspective.

. Bring “blue-team” knowledge and expertise to the product in order to better understand mitigation strategies for relevant threats.

. Participate in product integration projects to understand their output and results.

. Participate in threat-intelligence reports.

. Design and participate in security audits in all the stages of a new project.

. Assessment of the cybersecurity protocols, controls and policies from an IT cybersecurity perspective a customer might have in-place.

. Participate in building network models for a typical network architecture for a particular OT process.

. Ensure that the company knows as much as possible, as quickly as possible about internal security incidents.

. Participate in the process of preparing and documenting standard operating procedures and protocols.

. Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

. Understand cloud environments (AWS, GCP, Azure) and design how to integrate security controls through DevOps and Infrastructure as a Service (IaaS) techniques.

. Engineer, implement and monitor security measures for the protection of computer systems, networks and information.

. Identify and define system security requirements, both from an internal and customer perspective.

. Provide analysis and implementation guidance of SOC 2, ISO 27001, NIST 800 series, and other related compliance requirements and regulations.

. Monitor performance metrics, review logs, and conduct periodic audits to verify the effectiveness of security controls.

Qualifications

· Expertise in desing and implementation of cyber defense in a ‘top to bottom’ approach using your experience in security architecture.

· Expertise in analysis of cost and return estimation when implementing cybersecurity solutions.

· Expertise reviewing current system security measures as well as recommending and implementing enhancements.

· Expertise implementing internal IT security policies and controls based on the principle of least privilege (PoLP).

· Expertise in the configurations used in LANs, WANs, VPNs, routers, firewalls, and related network devices.

· Strong understanding of security controls, frameworks and practices.

· Experience implementing security controls associated with security frameworks such as SOC 2, ISO, and NIST.

· Experience establishing recovery procedures (disaster/cyber).

· Expertise to define, implement and maintain corporate security policies and procedures.

· Kownledge working with the current risks the IT world faces and experience implementing security solutions to mitigate those risks.

· Experience identifying and understanding attack patterns.

· Experience in network traffic analysis.

· Experience working in as part of a SOC or working with SOC teams during incident response.

DeNexus highly values that the Security Engineer…

· Has one or more industry-recognized security certifications, such as CISSP, CISM, CISA, OSCP, CEH, or CSSK.

· Has experience working in SaaS oriented companies.

· Has hands-on experience with scripting and coding to automate systems and security administration tasks.

· Is not isolated from the rest of the team. Working hand-in-hand with the rest of team members and external engineers is expected.

· Has an updated view of the security threats of the IT world and keeps that knowledge up to date.

· Has the ability to shape the output of his work as both design and implementation.

· Is able to find the balance between the perfect solution and the ever-changing needs of a company in constant expansion as DeNexus.

Location

· Based in Madrid, Spain

· Occasional travel to San Francisco, USA

Full Time

Apply for this job