Information Security Engineer – Media.Monks – Buenos Aires, Buenos Aires

We are looking for an InfoSec Engineer who is able to understand the security objectives, interpret the identified risks, and implement the tools & processes to improve the level of security and can proactively detect opportunities for improvement.

This person will be responsible for knowing our security configuration holistically, assessing security in the different environments, proposing improvements or innovations to the current architecture and providing information required for compliance and audit processes. We are looking for someone who is passionate about what they do, and not afraid to speak up or make suggestions.

In this role you will:

• Assess security risks over the infrastructure, architecture, applications and services that are part of the company’s technological environment
• Monitor security events for alerts within our tech stack, and investigate any potential breaches
• Routinely perform internal security tests (vulnerability assessments, penetration tests, security assessments) and security audits
• Assist in the implementation of security measures for the protection of endpoints, systems, accounts, and data
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Provide input for a continuous vulnerability management over the IT environment
• Work with other teams to help prepare and document standard operating procedures and protocols related to security
• Interact with other teams, to ensure we are able to find the best security solutions for our company and use case, while also ensuring compliance with legal and private commitments.
• Handle security breaches according to defined policies and procedures, ensuring that all staff members are informed of the situation accordingly.
• Provide topics and materials for security-focused trainings
• Research and propose new security tools to implement different kinds of controls and measures

Minimum Qualifications:

• Bachelor’s degree in Computer Science/Engineering/Information Security.
• +3 of experience in similar roles
• Experience in performing vulnerability assessment, penetration test or ethical hacking
• Experience in implementing security best practices on infrastructure in cloud and on-premise and on SaaS (hardening).
• Knowledge of vulnerability management processes
• Knowledge of networking security (architecture, protocols, VPNs)
• Knowledge of web application security and secure development (SSDLC), APIs security
• Knowledge of cloud environments (GCP, AWS)
• Fluent english (written and oral)

Qualities:

• Good communication
• Ability to confidently present findings to those with either a technical or non-technical background.
• Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
• Ability to self-organize and plan activities with commitment towards results.
• Ready to learn new contents both from others or self-learned.
• Passionate about self-improvement and suggesting improvements to processes or activities.

Preferred Qualifications:

• InfoSec Certification (e.g. CISSP, Comptia Sec, CEH, etc)
• Experience with Fortinet security solutions
• ISO27001 framework knowledge

#LI-FR1