Job Description
The Security Engineer plays a crucial role in designing, implementing, and maintaining robust security measures to protect our infrastructure and products at GROW.
The Security Engineer is responsible for developing and implementing security strategies, protocols, and technologies to safeguard GROW against potential threats and vulnerabilities. Collaborating closely with cross-functional teams, including software engineers, network administrators, and system architects, to integrate security measures into GROW’s products and systems.
Key Responsibilities
- Contribute to security strategies, policies, and procedures to protect GROW's infrastructure, networks, and data.
- Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate potential risks and vulnerabilities.
- Implement security solutions, including firewalls, intrusion detection/prevention systems, data encryption, and access control mechanisms.
- Monitor and analyze security logs and events to detect and respond to security incidents in a timely manner.
- Collaborate with software engineering teams to integrate security best practices into the software development life cycle.
- Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices to proactively address emerging threats.
- Conduct security awareness training and educational programs for GROWgetters to promote a security-conscious culture within GROW.
- Participate in incident response activities, including investigations, root cause analysis, and remediation planning.
- Collaborate with external stakeholders, such as auditors, vendors, and clients, to ensure compliance with relevant security standards and regulations.
Qualifications
- Tertiary qualifications or equivalent industry experience in Information Security.
- Proven experience in a security role, preferably in a fast-paced and technology-driven environment.
- Deep understanding of network security principles, protocols, and technologies, including SIEM, Firewalls, VPNs, IDS/IPS, and encryption.
- Knowledge of security best practices and industry standards (e.g., OWASP, ISO 27001, NIST).
- Hands-on experience with vulnerability assessment tools, penetration testing methodologies, and security incident response.
- Strong Programming/scripting skills (e.g., Python, Golang, Bash, Terraform) to automate security tasks and analyze security data.
- Familiarity with cloud security concepts and technologies for at least one cloud provider (e.g., AWS, Azure, GCP).
- Strong analytical and problem-solving skills with the ability to identify and mitigate security risks effectively.
- Good interpersonal and communication skills, with the ability to collaborate with diverse teams and present complex security concepts to non-technical stakeholders.
- Good stakeholder management, and the ability to juggle multiple priorities.
Highly Desirable
- Information Security certifications (OSCP, CREST, etc.)
- Experience presenting to senior leadership, clients.
Additional Information
Why you’ll love working at GROW
- Birthday Leave - Take an extra day off per year on your birthday!
- Hybrid Work Arrangement - We have a true hybrid arrangement!
- Exciting Discounts - Think movie tickets, gift cards & even electronics
Looking for a job can be stressful and we don’t want you agonising over the wording of your cover letter, so don’t include one. Just make sure your CV is well-written and detailed enough so we can get a better idea of the type of person you are. Even if you don’t meet every single requirement, but you feel inspired to join our mission, we encourage you to send in your application. You never know, you could be the perfect person to join our team!
We are a 2024 Circle Back Initiative Employer – we commit to respond to every applicant
