Security Operations and Compliance Engineer
About The Position
As Security Operations and Compliance Engineer you will be responsible for overseeing, operating and improving security controls and solutions that support the business in all areas: cloud and on-premise. You will perform drilldowns and investigations. Execute periodic and implement new corporate compliance, attestation and certification activities. You will drive implementation and continues improvement of standards and procedures. You will work closely with the company whole to make sure that the compliance and applicable regulation requirements are met. Your responsibilities:
- Operate and monitor security measures for the protection of computer systems, networks and information
- Continues interaction with multiple interfaces within and outside of the organization
- Monitor the environment for security breaches and intrusions
- Conduct investigations, manage response and corrective actions
- Conduct vulnerability scans and penetration tests
- Maintain and improve corporate compliance and certifications
- Conduct periodic access and configuration reviews
- Update security standards and practices
- Review and reply to customers enquiries and security questionnaires
- Recommend and implement security enhancements and improvements
- Implement automatic detection, alerting and preventing mechanisms
- Prepare, document and update standard operating procedures and protocols
- Assist in educating staff members on information security through training and awareness
- Support overall corporate security program
The ideal candidate will have excellent technical and communications skills and be able to translate business requirements to technical recommendations, design and implementation. The one should be able to identify risks and propose mitigations; has an ability to read and update security documentation, such as policies, procedures, customer queries. This person can multi-task, is self-motivated and a team player; is highly organized with high energy level and a can-do attitude. Required skills include:
- 3 years’ experience as Security Operations and Compliance Engineer or similar position, working with cloud and on-premise products and services.
- Experience in implementing and maintaining of regulatory compliance and adhere to framework requirements such as SOC2, ISO, NIST, GDPR, etc.
- Experience in operating and maintaining security systems including firewalls, intrusion detection systems, anti-virus software, identity and access management systems, SIEM, log management, content filtering, etc.
- Excellent communication skills
- Experience with cloud, on-premise and hybrid security methodologies and principles
- SaaS, serverless and container experience – major advantage
- Knowledge of network, operating systems and data platform security
- Experience with network security and networking technologies and with system, security, and network monitoring tools
- Thorough understanding of potential and emerging information security threats, vulnerabilities, and control techniques.
- Problem solving skills and ability to work in demanding situations
- Hands-on experience with Linux, Windows and MacOS distributions
- Familiarity with cloud computing environments (AWS, Azure, and Google Cloud)
Aqua’s Information Security team is a business enabler, committed to supporting company business by effectively securing daily operations, technology, assets and employees. As one of company core teams, we are working with the entire organization, interacting closely with all company functions and employees, and actively involved in the dialog with customers.