Location: Sri Lanka
Reporting to the Team Lead - Security & Compliance team, you will take full ownership of the infrastructure security domain and provide overall technical leadership to the efforts related to your area within WSO2. In addition, you are expected to spend the majority of the time shaping the security vision for the WSO2 infrastructure, and developing organization-wide infrastructure security policies, procedures, and training programs. You will be perceived as an infrastructure security expert by the rest of the organization.
- Research on vulnerabilities, attacks, security recommendations, and ensure WSO2 on-premises and cloud deployments are resilient to such vulnerabilities.
- Research on new technologies and methodologies related to infrastructure security and drive adaptation of those in improving WSO2's security processes.
- Participate and drive internal security audits of the infrastructure using both automated and manual approaches.
- Develop and document policies and processes to ensure security-focused engineering.
- Prepare and drive adaptation of secure deployment guidelines, including securing pipelines and containerized environments.
- Automate security processes to increase its efficiency.
- Work with external security researchers and customers related to security efforts and issues.
- Introduce new ideas on how to improve the security posture of the organization.
- Assist the Infrastructure and Engineering teams to handle security incidents, and provide assistance to train them on security processes, best practices, and vulnerability identification and mitigation.
- Participate in security-related conferences like OWASP AppSec or BlackHat, and present our research and development work to the wider security community.
- Perform other tasks related to infrastructure security as necessary.
Qualifications and Skills:
- 8 - 10 years relevant industry experience.
- BSc in Computer Science/Engineering/Networking/Security, or equivalent.
- Security certifications such as OSCP, CISSP, SSCP, CCSP, and Cloud certifications of Azure, AWS, or GCP will be an added advantage.
- Strong analytical and communication skills.
- Eagerness to learn new technologies, and a passion for the network security domain.
- Possess broad knowledge of core computer science concepts, especially on web technologies, networking, and cryptography.
- Ability to provide direct feedback on technical and non-technical aspects to team members, handle and resolve conflicts. Manage a team under pressure.
- Be a self-motivated individual with the ability to motivate fellow team members.
In addition to a competitive compensation package, WSO2 offers:
- A work culture and environment where we value both hard work AND flexibility.
- A sensible vacation/leave plan that fits your needs.
- Health insurance for you and your family.
Founded in 2005, WSO2 enables the composable enterprise. Our open-source, API-first and decentralized approach helps developers and architects to be more productive and rapidly compose digital products to meet demand. Customers choose us for our broad, integrated platform, approach to open source, and digital transformation methodology. The company’s hybrid platform for developing, reusing, running, and managing integrations prevents lock-in through open-source software that runs on-premises or in the cloud. WSO2 has over 800 employees worldwide with offices in Australia, Brazil, Germany, India, Sri Lanka, the UAE, the UK, and the US. Today, hundreds of leading brands across the globe and thousands of projects execute more than 18 trillion transactions annually using WSO2’s technologies.
Visit wso2.com and follow WSO2 on LinkedIn or Twitter to learn more.
Diversity Drives Innovation
We’ve built our business on a commitment to diversity and inclusion. We believe it’s important to foster an environment that values and respects each individual’s strengths, perspectives, and ideas. Doing so not only drives innovation; it also ensures that we can create superior experiences for our customers, partners, and employees worldwide. We value the diversity of our team regardless of race, ethnicity, religion, gender, age, national origin, disability, sexual orientation, or veteran or marital status, and we do not tolerate any form of discrimination.