Senior Security Engineer
We are a fast-growing, Mexican fintech startup with the mission to become the bridge to people’s financial freedom through technology.
We are providing microloans to people in financial need through a fast and efficient process, always treating them with the respect and dignity they deserve.
Our long-term vision is to be the most inclusive digital bank in LATAM with more than 2.5 million clients.
About your role
As a Security Engineer, your role will be crucial to our organization's security posture. You'll lead the way in developing and implementing robust, cutting-edge security protocols and systems. You'll ensure our products and processes meet the latest IT security standards and best practices, including CIS-18, ITIL4, and DevSecOps, to safeguard our growing client base and our credit portfolio.
- Design and Implement Robust Security Architecture: Develop and implement systems that can effectively defend against threats. These systems should incorporate the latest security protocols and tools.
- Conduct Regular System Testing: Regularly perform system testing to ensure the effectiveness of security measures. This can include penetration testing, vulnerability assessments, and security audits.
- Maintain Awareness of Latest Security Threats and Developments: Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and trends. This information should guide the update and refinement of the organization's security systems.
- Incident Response and Recovery: Develop and implement procedures for responding to security incidents and for restoring operations in the event of an attack or disaster. This includes creating a detailed incident response plan.
- Promote Security Best Practices: Encourage a culture of security consciousness within the organization. This can involve developing and delivering training sessions to educate staff on security best practices and potential risks.
- Compliance and Governance: Ensure that all security policies, procedures, and systems are in compliance with relevant laws, regulations, and standards. This might involve regular audits and documentation.
- Evaluation and Recommendation of Security Tools: Continually assess and recommend security tools, technologies, and processes that will enhance the organization's security posture.
- System Design and Implementation: Develop and execute robust security infrastructures to safeguard the organization from cyber threats.
- Security Monitoring: Oversee security access and conduct assessments to identify potential vulnerabilities.
- Incident Management: Lead the response to security breaches and coordinate recovery actions.
- Security Training and Policies: Develop and enforce security policies, conduct employee training, and foster a security-conscious culture.
- Technology Evaluation: Assess and recommend security products to strengthen the organization's defenses.
- Collaboration: Work with different departments to incorporate security practices into daily operations.
- Compliance Management: Ensure the organization adheres to industry regulations for data privacy and security.
- CIS SecureSuite Certification: Guide the organization towards achieving the CIS SecureSuite Certification by implementing the CIS Controls and Benchmarks, thereby ensuring best practices in security are met.
What You Bring to the Team
- Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent experience.
- 7+ years of experience in IT security, with a proven track record of leading security projects and teams.
- Recognized certifications in cybersecurity, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP).
- In-depth knowledge and certification in DevOps and DevSecOps practices and tools, such as Certified Kubernetes Administrator (CKA), AWS Certified DevOps Engineer, or Jenkins Certified Engineer.
- Certification in IT Service Management (ITSM) or ITIL.
- Clear and Transparent Communication. You can articulate your thoughts clearly, concisely and can facilitate technical understanding to non-technical stakeholders.
- Relentless Resourcefulness. You are solution-focused, and known for your creativity and resourcefulness when facing challenges.
- Sense of Urgency. You possess a proactive approach, always pushing forward to achieve desired outcomes.
- Flexibility and Resilience. You maintain your composure and focus amidst changes, adapting swiftly when necessary.
- Self-Driven and Committed. You are motivated and committed to ensuring the success of your team and the business.
- Strategic Thinking. You use data to inform decisions, understanding the deeper implications of certain strategic choices.
- Critical / Analytical Thinking. You can analyze complex issues, identify their root causes, and propose clear, logical action plans.
- Team Player. You understand the importance of collaboration and fostering a positive team culture.
- A significant role in a multinational, highly driven team of professionals.
- A flexible and remote working environment.
- High level of ownership and independence.
- 25 vacation days / year + 75% holiday bonus.
- 1 month (proportional) of Christmas bonus.
- "Vales de despensa" - 3,912 MXN / month.
- Health & Life insurance.
- Home office set-up budget.
- Unlimited budget for Kindle books.
- Baubap Free Loan.
- A competitive salary.