Global IT Security Engineer
Open Source is in our genes. Open to us means more than shared source code. It’s a philosophy and approach that informs everything we do. It’s how we develop software, how we work with partners and customers, and how we engage with communities. Most of all, it’s about keeping our minds open to new ideas.
Leveraging our Linux heritage, we deliver the truly open source solutions, flexible business practices, lack of enforced vendor lock-in, and exceptional service and support that our customers’ digital transformation demands. Our commitment to open source means adapting it and making it dependable, with highly flexible solutions that are hardened and secured for the most demanding IT environments.
In readiness to operate independently from our current parent company, SUSE is now standing up our own IT function to support and enable the rapid growth of the organization. As part of this new team, we are looking for an IT Security Engineer in the SUSE IT Team.
In SUSE you will find a wide range of technologies, the most prominent of which is our pride, SUSE Linux. We also have several Windows and macOS machines to monitor and protect, so it should not come as a surprise that you need to be equally comfortable with proprietary and open source security solutions and products.
In this role, you will take part in the design, implementation and operation of the future IT Security stack for SUSE. A good understanding of security risks and attacks on computer networks and operating systems is mandatory, while familiarity with business processes and threat analysis will be beneficial.
You should expect to be exposed to cloud-based products, either as SaaS or IaaS. Experience in risk management and security architectures will be advantageous but is not a requirement. A good balance of technical knowledge and soft skills is required.
You will have the opportunity to work with multiple tools and to define your own path, as long as SUSE’s needs are covered.
Things we do at SUSE that you will have the opportunity to work with are:
- Definition and operation of the Security Awareness and Training program for SUSE employees.
- Identification and review of network security requirements, baselines and controls for the new IT stack; review of IDS and firewall configuration and logs to identify abnormal behaviour.
- Manage and fine-tune the Secure Web and Secure Mail Gateways for SUSE.
- Scope and coordinate penetration tests. Perform vulnerability scans, evaluate the results and drive the remediation process, reporting progress and gaps.
- Manage and fine-tune the Antimalware and the EDR / HIDS solution for SUSE.
- Configure and create correlation rules in SUSE’s SIEM, manage and monitor alerts.
- Identify opportunities for, and promote, automation and new technical solutions and security tools to help mitigate security vulnerabilities and improve operational efficiency.
- Provide Incident Response (IR) when analysis confirms an actionable incident; develop IR playbooks and scenarios.
- Develop and suggest new Operating Procedures or changes to existing ones as needed.
- Self-driven, passionate about IT Security and eager to learn
- Fluent in English, written and verbal; ability to participate in an on-call support scheme
- Exceptional customer service skills
- Able to make decisions when needed, be a team player, and work well under pressure
- Able to multi-task, prioritize, and manage oneself effectively