Conio
Cybersecurity Engineer
NEWRemoteFull-timeGlobal
š Midš Remote
RemoteRemote work position availableActivePosted within the last 30 days
Job Description
As a Cybersecurity Engineer you will be the technical right hand to the CISO and responsible for managing and improving the design of the digital shield, automating threat response, and ensuring every software release is secure from the first line of code. Specifically you will:
- Security Operations & Response: Monitor events using SIEM/HIDS and enterprise class EDR platforms; manage incidents, cases and indicators of compromise (IoCs).
- SOAR & Automation: Develop and manage integration tools to orchestrate responses between identity protection systems endpoints and Incident Response platforms.
- Threat Intelligence: Keep Threat Intelligence databases up to date by integrating external feeds and automating analysis via responders and analyzers.
- DevSecOps Pipeline: Implement and monitor code security using SAST, DAST and SCA for static/dynamic analysis, vulnerability scanning and container security within CI/CD pipelines.
- App, Cloud and Smart Contract Security: Perform manual penetration tests and security analyses on Web and Mobile apps (iOS/Android), oversee security posture of cloud infrastructure and smart contracts.
- Documentation Management: Produce and maintain technical documentation on security policies and procedures aligned with standards (NIST ISO27001 DORA SOC2).
- Security Design: Validate architectural specifications with a security oriented mindset.
Requirements
- āOver 3 years of experience in Cybersecurity in roles such as Security Engineering, DevSecOps, SOC, Blue Team, Red Team, Purple Team or equivalent.
- āEngineering mindset with proficiency in Python for automation and API integration.
- āStrong knowledge of Linux, cloud provider security mechanisms, and containerized environments.
- āPractical experience with log monitoring platforms, SIEM, EDR/XDR and incident management systems (SOAR/Threat Intelligence).
- āAppSec expertise with tools for pentesting and security analysis of web applications.
- āVulnerability management and maintaining a secure posture for corporate assets.
- āExcellent written and spoken Italian and English.
- āNice to have knowledge of blockchain security and asset custody; experience with orchestration tools (Docker Swarm Kubernetes); familiarity with PCI-DSS ISO27001 SOC2 DORA NIS2 NIST; curiosity and ability to learn new technologies; ability to write technical documentation.
Responsibilities
- āMonitor events using SIEM/HIDS and enterprise class EDR platforms; manage incidents, cases and IoCs.
- āDevelop and manage integration tools to orchestrate responses between identity protection systems endpoints and Incident Response platforms.
- āKeep Threat Intelligence databases up to date by integrating external feeds and automating analysis via responders and analyzers.
- āImplement and monitor code security using SAST DAST and SCA for static/dynamic analysis, vulnerability scanning and container security within CI/CD pipelines.
- āPerform manual penetration tests and security analyses on Web and Mobile apps (iOS/Android); oversee security posture of cloud infrastructure and smart contracts.
- āProduce and maintain technical documentation on security policies and procedures aligned with standards (NIST ISO27001 DORA SOC2).
- āValidate architectural specifications with a security oriented mindset.
Benefits & Perks
- āStrategic visibility with direct reporting to the CISO and immediate impact on technology choices.
- āHighly competitive compensation package including an individual welfare plan.
- āFlexible work policies including hybrid or full remote arrangements.
- āOver 60 days per year of Work From Anywhere.
- āContinuous learning through tailored training programs and sector events.
- āPeriodic in-person or offsite meetings and team building activities.
- āOpportunity to be part of a company leading change and innovation.
Tech Stack
ISO27001SIEMNIS2analysisDASTSASTNISTCDCIContainers