Location: Sri Lanka
Reporting to the Team Lead - Security & Compliance Team, you will take full ownership of a set of tasks related to governing the security of the on-premise and cloud infrastructures, and provide technical guidance to the members of the Security & Compliance team working on those tasks. You will be expected to spend your time conducting security research, providing guidance to engineering teams to secure their deployments, evangelizing security processes and best practices, and reviewing the work carried out by junior team members. You will be perceived as an infrastructure security expert by the rest of the organization.
- Research on vulnerabilities, attacks, security recommendations, and identify how those might impact on-premise and cloud deployments.
- Research on new technologies and methodologies related to infrastructure security and identify how WSO2's security processes can adopt them.
- Automate the security processes to increase its efficiency. You will need to automate tasks using a programming/scripting language.
- Participate in internal security audits of the infrastructure using automated tools and manual approaches.
- Develop and document policies and processes to ensure security-focused engineering.
- Prepare secure deployment guidelines, including securing the pipelines and containerized environments.
- Work with external security researchers and customers related to security efforts and issues.
- Introduce new ideas on how to improve the security posture of the organization.
- Assist Infrastructure and Engineering teams to handle security incidents, and provide assistance to train them on security processes, best practices, and vulnerability identification and mitigation.
- Participate in security-related conferences like OWASP AppSec or BlackHat, and present our research and development work to the wider security community.
- Perform other tasks related to infrastructure security as necessary.
Qualifications and Skills:
- 2 - 4 years relevant industry experience.
- BSc in Computer Science/Engineering/Networking/Security, or equivalent.
- Security certifications such as OSCP, CISSP, SSCP, CCSP, and Cloud certifications of Azure, AWS, or GCP will be an added advantage.
- Strong analytical and communication skills.
- Eagerness to learn new technologies, and a passion for the network security domain.
- Possess broad knowledge of core computer science concepts. Especially on web technologies, networking, and cryptography.
- Ability to provide direct feedback on technical and non-technical aspects to team members, handle and resolve conflicts, and manage a team under pressure.
- Be a self-motivated individual with the ability to motivate fellow team members.
In addition to a competitive compensation package, WSO2 offers:
- A work culture and environment where we value both hard work AND flexibility.
- A sensible vacation/leave plan that fits your needs.
- Health insurance for you and your family.
Founded in 2005, WSO2 enables the composable enterprise. Our open-source, API-first and decentralized approach helps developers and architects to be more productive and rapidly compose digital products to meet demand. Customers choose us for our broad, integrated platform, approach to open source, and digital transformation methodology. The company’s hybrid platform for developing, reusing, running, and managing integrations prevents lock-in through open-source software that runs on-premises or in the cloud. WSO2 has over 800 employees worldwide with offices in Australia, Brazil, Germany, India, Sri Lanka, the UAE, the UK, and the US. Today, hundreds of leading brands across the globe and thousands of projects execute more than 18 trillion transactions annually using WSO2’s technologies.
Visit wso2.com and follow WSO2 on LinkedIn or Twitter to learn more.