Overview

This position will support our SaaS email platform, providing service to large customers for tens of millions of end users.Core competencies required include platform security, automated deployment, virtualization and internet protocols. You will be expected to provide quick resolution of difficult technical problems. This position will also be responsible for major contributions to technical architecture, documentation and systems project management. 


Your key responsibilities / Your passion

  • Review and evaluate current security standards based upon best practices and latest technologies
  • Server configuration and management using IaC (Terraform, Ansible, Chef)
  • Define and implement platform architecture and binding security concepts/policies at a deeply technical level both internally and externally
  • Ensure the security requirements of our customers and that the requirements for our security certifications (ISO 27001) are met and documented correctly
  •  Assist with an overall security concept for our container platform approach
  • Work closely together with our platform architecture experts, with a particular focus on the security of the platform
  • Assit in providing security related feedback for mission-critical software such as Dovecot, LDAP, Galera, Cassandra, OX AppSuite with a particular focus on hardening
  • Prepare system security reports by collecting, analyzing, and summarizing data and trends
  • Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs
  • Document architecture and essential function methodologies
  • Collaboration with global operations teams

Your background / What you bring to the table

  • Bachelor or master degree in computer science or comparable +10 years job experience
  • 3+ years experience in the area of Operations security
  • 8+ years experience working with Linux
  • Strong experience with configuring, validating and securing environments utilizing firewalls and iptables
  • Experience and understanding of hardening Linux-based environments with heterogenous applications
  • Knowledge of Internet, authentication, and authorization protocols (HTTP, LDAP, SAML, OAuth/Openid Connect), Privileged Identity Management, Identity Federation
  • Knowledge of symmetric and asymmetric encryption technologies, including concepts such as Forward Secrecy, Padding Modes, Elliptic Curves
  • Strong Experience with Linux kernel tuning, TCP/IP, Mcast and strong networking fundamentals
  • Experience with configuring and operating a Host-based IDS such as OSSEC across a large platform
  • Deep understanding of encryption technologies, including keeping cipher suite configurations up-to-date at the OS and application level
  • Experience with security incident response
  • Solid understanding of networking concepts: the OSI model, TCP, IP, routing, firewalls, load balancers
  • Interest in learning new technologies and working with proof of concepts to promote new technologies
  • Excellent written and verbal communication skills; willingness to present technical information to a group
  • Understanding of multi-tiered applications
  • Experience with logging technologies such as Graylog, ELK stack, or Splunk
  • Design operation concepts, implementation of IaC automation and provide documentation 
  • Lead and assist in areas of technical innovations and security improvements
  • Some domestic and international travel will be required

Our offer to you

  • Exciting work on a modern open-source cloud software in an internationally operating company
  • Plenty of scope for your own ideas and design decisions
  • Flexible working hours and the ability to work from home
  • Equipped with the up-to-date hardware
  • Trainings and continuous personal development
  • Flat hierarchies with an "Open Door" philosophy