Cyber Security Engineer (Red Team)

Place of work
Mlynské nivy 12, Bratislava
Contract type
full-time
Wage (gross)
From 1 700 EUR/monthMinimum base salary for this job from 1700 EUR gross/month/full time. Our offer to you may be higher based on your skills and experience and will include additional rewards and benefits.*

Information about the position

Job description, responsibilities and duties

- Work on ever evolving security framework and AWS cloud infrastructure architecture.
- Manage development of new and existing security service components into service models for CI/CD provisioning.
- Accountable for verifying security posture of infrastructure to meet appropriate compliance and governance requirements
- Contribute to the design, implementation, and execution of security review and test methodologies for the recurring and holistic testing of a critical group of AWS infrastructure services.
- Ensure remediation of risks by partnering with iptiQ CISO and with other squad infra teams.
- Perform design review, threat modeling, security review, penetration testing, and red teaming on production systems for AWS infrastructure.
- Scope and perform penetration testing & vulnerability research of iptiQ AWS solutions.
- Work closely with the internal teams as well with AWS Security teams to develop large scale, cutting edge, testing, monitoring, remediation, and analytics solutions.
- Work closely with other internal development teams across iptiQ to create comprehensive security tooling and functional improvements at scale.
- Demonstrate exceptional judgment, integrity, business acumen, and communication skills.
- Prepare and present detailed, written technical information for internal and external audiences.
- Participate in architecture decisions and provide design guidance for current and future projects related to our cloud infrastructure.

About the company

iptiQ, a wholly owned subsidiary of Swiss Re Group, is a "white label" Life & Health insurance provider, working in partnership with leading consumer brands across Europe. As a white label solution provider, we offer an end-to-end insurance manufacturing solution, tailored to our partner's and their customer needs. We cover every step of the insurance manufacturing process, including product design, policy administration, underwriting, claims management, accounting and finance. We differentiate by providing our services based on a strong technology platform designed to serve direct to consumer channels with high degree of automation. We offer our service services primarily to Life and Non-Life insurance companies and strong retail brands (including banks) in continental Europe and the UK.

About our IT team

iptiQ IT Cloud Development and Operation team is responsible for architecture, build, test and operation of iptiQ AWS infrastructure and Kubernetes platform. We are responsible for building and maintaining secured, reliable and resilient infrastructure that enables us to provide best possible quality of service to our distribution partners. We are also providing support to various teams in iptiQ with matters related to IT infrastructure and related services. You would be part of the group located in Bratislava, while also cooperating with the groups in different countries around Europe.
Technologies and tools, infra squad is using:
AWS and its services, Terraform, Ansible, GitLab, Docker, Kafka, PostgreSQL, MySQL, Linux, Python, Bash, Java, Node Js and more!

Information about the selection process

We are required by law to disclose basic wage component (minimum salary) for the advertised positions. We carefully consider your professional competencies, qualifications and experience in our compensation package and/or when offering you other positions. Our compensation philosophy is to pay fairly, also considering market situation and the value employees may bring to Swiss Re.

We are an equal opportunity employer, and we value diversity at our company. Our aim is to live visible and invisible diversity – diversity of age, race, ethnicity, nationality, gender, gender identity, sexual orientation, religious beliefs, physical abilities, personalities and experiences – at all levels and in all functions and regions. We also collaborate in a flexible working environment, providing you with a compelling degree of autonomy to decide how, when and where to carry out your tasks.

We provide feedback to all candidates via email. If you have not heard back from us, please check your spam folder.

Requirements for the employee

Candidates with education suit the position

University education (Bachelor's degree)
University education (Master's degree)
Postgraduate (Doctorate)

Language skills

English - Upper intermediate (B2)

Personality requirements and skills

- Passionate about internet security issues and the threat landscape for popular software & services with the ability and desire to root-cause, mitigate, and explore deeper.
- Domain expertise in at least 2 of: security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, cryptography, and software development security.
- A data-driven and quantitative mentality--you excel in supporting ideas with available evidence.
- Experience with the design and implementation of technical security controls at the business division level.
- Experience performing or supporting Red Team engagements with an understanding of a holistic assessment
- Experience with AWS or similar enterprise cloud computing platforms.
- Experience with full-stack (Linux / Unix) software architectures from UI to infrastructure.
- Experience with serverless architectures, and common virtualization techniques (hypervisors/containers/jails) and escapes/exploits from these environments.
- Experience with micro-service, API-based agent, or service oriented software architectures.
- Operations experience with CI/CD development or managing distributed systems
- Web service assessment experience with authentication controls, session management, access controls, logic flaws, injection vulnerabilities, request smuggling, cloud privilege escalation, DOS attacks
- Participation in Bug Bounty programs – good to have

Basic Qualifications

- 3+ years' experience in software security.
- Bachelors' degree in Computer Science or similar field or equivalent work experience.
- 1+ years of proficiency in at least 1 scripting programming language, familiarity with Java, and familiarity with Python

Advertiser

Brief description of the company

As the world's leading and most diversified global reinsurer, we offer as our core business financial services products that enable risk taking essential to enterprise and progress. Our company was founded in Zurich, Switzerland in 1863, and operates in more than 25 countries and provides its expertise and services to clients throughout the world. We combine financial strengths with experience, knowledge and creative thought to explore new opportunities in the interests of our clients, staff and shareholders.

Number of employees

1700 and more employees

Company address

Swiss Re Management AG, org. zložka
Mlynske Nivy 12
821 08 Bratislava
Learn more about working in Swiss Re Slovakia.

Contact

Kontaktná osoba: Filip Graus

ID: 3349783  Dátum zverejnenia: 23.2.2021  Základná zložka mzdy (brutto): 1 700 EUR/month