Security Engineer / DevSecOps

LotusFlare is a provider of cloud-native SaaS products based in the heart of Silicon Valley. Founded by the team that helped Facebook reach over one billion users, LotusFlare was founded to make affordable mobile communications available to everyone on Earth.

Today, LotusFlare focuses on designing, building, and continuously evolving a digital commerce and monetization platform that delivers valuable outcomes for enterprises. Our platform, Digital Network Operator® (DNO™) Cloud, is licensed to telecommunications services providers and supports millions of customers globally.

LotusFlare has also designed and built the leading eSIM travel product - Nomad. Nomad provides global travelers with high-speed, affordable data connectivity in over 190 countries. Nomad is available as an iOS or Android app or via getnomad.app.

Overview:
As Security Engineer on the Infrastructure Team at LotusFlare you will be responsible to drive the overall IT security standards across our cloud native DNO stack. This incorporates security policies and domain security concepts along with the implementation and the lifecycle of security technologies in LotusFlare’s infrastructure.

As a Security Engineer, you will be reporting to the VP of Infrastructure and engage directly with infrastructure and product engineering teams.

Our office is located in the vibrant area of Krakow, at Aleja Pokoju 18. We encourage you to join us in the office to collaborate, connect, and contribute to our team's success.

Requirements:

• 3+ years of DevOps or DevSecOps experience
• Experience securing CI/CD pipelines Familiarity with modern DevSecOps tooling (SAST, DAST, SCA, IaC scanning)
• Bachelor's degree
• Cloud-native infrastructure stack experience with tools like Terraform, Ansible and etc;
• Experience in the implementation of security controls and familiarity with SCAP and continuous security monitoring solutions
• Knowledge in the development and implementation of the following concepts:
  
  • Network Security Concepts
  • Linux System Security and System Hardening
  • Data Classification and Data Security Concepts
  • Cloud Security, particularly AWS
• Understanding of various user access controls, SSO, user profile integrity and access management controls
• Ability to analyze and resolve complex infrastructure resource and application deployment issues
• Minimum Intermediate level of English

Nice to have:

• Experience with intrusion detection solutions and web application firewalls/L7 proxies
• Experience in Server Application security concepts and security controls
• Hands-on experience with Qualys
• Scripting and automation skills, implementing in Python, Go and similar languages

Responsibilities:

• Actively managing the security of our cloud-native runtime environment
• Clearly and promptly communicate and negotiate security technical topics with both technical and non-technical audiences
• Drive security improvements to production cloud environments
• Perform targeted offensive security testing
• Implement continuous monitoring systems and tools to automatically identify potential security issues at the code, application and infrastructure layers
• Review code and other production changes with the goal to maintain the security standards
• Stay current on emerging security threats, vulnerabilities, and controls for the cloud
• Working with backend engineering teams on architecting, profiling, and monitoring high-performance high availability product components as microservices, providing mission-critical real-time functionality on the control plane of mobile and fixed networks
• Evolving the infrastructure and keeping our stack up to date with the latest technologies

Benefits:

• Hybrid work environment;
• Yearly bonus;
• Paid lunches;
• Private medical insurance;
• The company covers accountant assistance expenses;
• ZUS coverage;
• Paid sick leaves;
• 21 working days of vacation, public holidays;
• Training and workshops.

About:
At LotusFlare, we attract and keep amazing people by offering two key things:

• Purposeful Work: Every team member sees how their efforts make a tangible, positive difference for our customers and partners.
• Growth Opportunities: We provide the chance to develop professionally while mastering cutting-edge practices in cloud-native enterprise software.

From the beginning, our mission has been to simplify technology to create better experiences for customers. Using an “experience down” approach, which prioritizes the customer's journey at every stage of development, our Digital Network Operator™ Cloud empowers communication service providers to achieve valuable business outcomes. DNO Cloud enables communication service providers to innovate freely, reduce operational costs, monetize network assets, engage customers on all digital channels, drive customer acquisition, and increase retention.

With headquarters in Santa Clara, California, and five major offices worldwide, LotusFlare serves Deutsche Telekom, T-Mobile, A1, Globe Telecom, Liberty Latin America, Singtel, and other leading enterprises around the world.

• Website: www.lotusflare.com
• LinkedIn: https://www.linkedin.com/company/lotusflare
• Instagram: https://www.instagram.com/lifeatlotusflare/
• Twitter: https://twitter.com/lotus_flare

QvksTntZ9Y