Lead Security Engineer

JUMIA
Africa's Largest eCommerce Site

Job details

  • Full-time
  • map markerPorto, PT
  • cardRequires Work Permit
    Requires that you're a citizen or have a valid work permit / visa sponsorship to work in the country in which this position is based.
  • routeSenior
  • routeRequired language: English
  • routeNice to have language: French
  • Computer & Network Security
  • tagMust Have: CISSP, Network Security, System AdministrationOther Required: Microsoft AzureNice to Have: Amazon Web Services, Google Cloud Platform

Apply now

Sign up to apply

Or sign up to refer and earn a reward of €300

Intro

 Responsibilities:
  • Build out a roadmap for the workforce training, penetration testing and company security policies.
  • Perform security reviews and risk assessments as required.
  • Recommend and implement changes to enhance systems security and prevent unauthorized access.
  • Automate tasks on managing and configuring security-related services.
  • Deliver practical awareness training of the workforce on information security standards, policies and best practices.
  • Manage security policies and procedures by reviewing and auditing security policies.
  • Help to maintain information security policies and company-wide information security controls to protect the integrity of company's assets.
  • Help monitor infrastructure compliance of legal requirements and internal policies.
  • Exercise and execute incident response plans in response to suspected security incidents.
  • Develop, augment or implement open-source and third-party controls to assist in detection, prevention and analysis of security threats.
  • Coordinate incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
  • Coach and mentor junior team members. 

Main requirements

Requirements:
  • Degree in Computer Science or higher in an Information Security field.
  • Background in software development or systems administration.
  • 5 or more years in a similar position.
  • Display strong technical and thought leadership skills.
  • Good understanding of network protocols, design, and operations.
  • Working knowledge of Security principles, techniques, and technologies.
  • Knowledgeable of programming languages like Python, Go, Ruby, etc.
  • Comfortable with Web Application Firewalls, SIEM, IDS/IPS.
  • Experience with defining and enforcing hardening and other security standards.
  • Knowledge of open security testing standards and projects, including OWASP..
  • Certifications on Information Security (CISSP, CISA, OSCP, OSWE, OSCE, GPEN, GXPN, GREM, GNFA, GCFA or similar).
  • Fluency in English, both written and spoken. 

Nice to have

Valued:
  • Experience with Cloud environments (AWS, Azure, GCP) is a plus.
  • Experience in Identity Management projects or Cloud Access Security Brokers is a plus.
  • Working knowledge of PCI-DSS and/or ISO 27001, policy and procedure review and document management, gap analysis, etc is a plus.
  • Good understanding of risk-assessment methodologies (OCTAVE, NIST SP 800-30) is a plus.
  • Experience in Data Privacy impact assessment (GDPR) is a plus.
  • CCP (ex-CAP) is a plus.
  • Fluency in French, both written and spoken is a plus. 

Benefits & Perks

We offer:
  • A unique experience in an entrepreneurial, yet structured environment.
  • The opportunity to become part of a highly professional and dynamic team working around the world.
  • An unparalleled personal and professional growth as our longer-term objective is to train the next generation of leaders for our future internet ventures. 

Apply now

Sign up to apply

Or sign up to refer and earn a reward of €300