Job Description

You will be a key member of a modest security team distributed across multiple time zones. You should have a passion for Cloud security, cybersecurity, technology and automation. A resilient approach to complex problems, an innovative growth mindset and a profound hunger to learn is essential. You will be working alongside seasoned professionals in a high-intensity team environment.

The position will focus mainly on securing CoinFLEX public facing systems and security administration of our cloud based applications. You will have responsibility for implementing solutions to ensure the security of our applications through implementing security tools, static and dynamic security testing and vulnerability scanning. You will additionally take the lead in configuration and management of multiple WAFs using terraform.

Responsibilities

• Day-to-day security operations
• Security dashboard reviews & incident investigations.
• Establishing new or improved security operational practices
• Ensure vulnerability assessments are carried out on key resources and to work with other teams to remediate them.
• Work with the Platform and Development team to ensure security is built into the platform, solution and network architecture and non-functional security requirements are delivered.
• Participate in security audits and reviews and work on any actions assigned to you.
• Help maintain control over logical and physical access – identify opportunities where we can make improvements.
• Using scripting or tools and increasing automation
• Integration with DevOps
• Provide advice or assistance for colleagues with security related issues.
• Ensure critical or high severity events and incidents are not allowed to propagate further and major incident handling is initiated.

Essential skills and experience required

• Experience working within a DevSecOps team
• Knowledge of DAST and SAST configuration
• Experience of NIDS and HIDS configuration
• WAF configuration and management
• Infrastructure as code tools such as Terraform and Ansible 
• Proven experience in IT/Cyber Security
• Good knowledge of cybersecurity and hacking methodologies
• IT Security qualifications or willing to work towards achieving these
• Understanding and experience of cloud server architectures
• Experience or qualifications in AWS
• Experience of modern software development and automation; Agile, Dev-ops CI/CD
• Proficiency in English 
• Intrinsic interest and experience otherwise with working with development and scripting languages as Python, JavaScript, Java, C++, Bash, Ruby
• Containerization. E. G. Docker and Kubernetes
• Linux
• Development experience
• Log analysis

Desirable skills

• Excellent teamwork and communication skills used with a remote global team
• Drive to learn new technologies fast and work with the team and independently
• Experience in team management and coordination to maximise efficiency
• Knowledge of continuous integration and delivery
• Very high security awareness and implementation skills 
• Great Linux/Unix Administration skills
• Good amount of experience with software such as Git, Docker, Kubernetes
• Good knowledge of AWS, Google Cloud, Microsoft Azure, Alibaba or one of the other IaaS providers and using Terraform, Ansible or other orchestration tools
• Experience in designing and implementing ISO 27701 framework 

What you’ll get in return

• Excellent compensation
• High value perks based on performance
• Cryptocurrency and financial services experience
• Training as required
• An environment where learning and development is encouraged
• Autonomy to experiment and build new cybersecurity solutions

CoinFLEX people  

From tough but determined and successful beginnings we are forging strong company values for the business, we are building a team of smart, positive, collaborative, productive, ambitious, entrepreneurial, energetic and success oriented people.

This is an opportunity to make a profound difference to an emerging market sector, for example, if you work in the relatively mature equities or fiat FX markets, any work you do will very likely make an intangible difference to the markets or market infrastructure when compared with the gains which are to be made in the relatively infant cryptocurrency market infrastructure

We are doing what we consider to be ground breaking and important work, however we want to have fun along the way so we have an informal yet professional atmosphere where people are encouraged to speak up. We have weekly company wide stand up meetings to aid communication and the overall cohesive growth of the already globally distributed business across Europe and Asia.

We also offer flexible working hours and working from home as necessary.