Senior Infrastructure (AWS) Security Engineer (m/f/d) - EMEA

Permanent employee, Full-time · Remote - Europe

In a Nutshell
Are you passionate about fostering strong security culture? Do you think like an attacker and derive purpose in life by revealing potential weaknesses, adapting quickly, and finding creative ways to implement security in a fast-paced environment?

Spryker is seeking an Infrastructure Security Engineer.  As an Infrastructure Security Engineer, you will harden Spryker on-prem and cloud environments. Your work will radically improve the security posture of Spryker for years to come.

We're looking for someone who has experience with various real-world issues with broad knowledge of security and Linux systems, and solid expertise in on-prem and cloud security. 
You have a strong security mindset, are passionate about infrastructure, and are excited to harden our network and endpoints against all threats.  
You obtained experience across various technical disciplines and may have held past roles such as Information Security (Hardening, Detection/Response, Blue Team) and systems (SRE, Linux SysAdmin, Network Engineer). 

Join our team and help us revolutionize the world of commerce & tackle diverse challenges!
Your challenges
  • Design and build the security components of the next phase of Spryker infrastructure
  • Build security automation for on-prem and cloud environments
  • Work with CISO to implement compliance and security requirements
  • Research and assist in the piloting and evaluation of new tools, technologies, technical controls and processes to support and enforce defined security policies
  • Participate in various information security functions Solution Design, Incident Response, and Vulnerability Management
  • Work closely with the DevOps team and business units to ensure security best practices in the cloud environment
  • Plan and execute network scans and vulnerability assessments of our products and services associated with cloud infrastructure
  • Design, architect, and implement defensive security controls
  • Monitors system logs via SIEM tools and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution
  • Contribute to a knowledge base comprising technical reference library security advisories and alerts information on best security trends and practices, laws and regulations
  • Have the ability to understand and develop enterprise policy and technical standards with specific regard to cloud secure configuration and processes
  • Review the current infrastructure and implement necessary changes according to CIS benchmarks
  • Participates in security projects and provides expert guidance on security matters for other IT projects
Your profile
  • 5 +  years experience in cyber security and security operations 
  • Bachelor/Master’s Degree in Computer Science or an equivalent degree
  • Skills in security principles such as least privilege access, defence in depth, preventative vs detective controls, DevSecOps
  • Demonstrated experience in AWS security services (e.g. IAM, ACM, KMS, GuardDuty, Inspector, Secret Manager) and AWS security best practices
  • Relevant, hands-on security experience or operation experience with such technologies as (at least some of them): AWS, Azure, GCP, Linux, Docker, Kubernetes, ELK Stack
  • Vulnerability Management, Identity, and Access Management, Endpoint protection, RBAC, SIEM, NIDS/IPS, Penetration Testing, Vulnerability Assessments
  • Familiarity with existing security standards and methodologies (e.g. OWASP, CSA, CIS Benchmarks and NIST, etc.)
  • Experience with scanning tools such as Nessus, Nexpose, Qualys, OpenVAS/Greenbone, etc.
  • Automation knowledge (Python, Bash scripting, Terraform)

Bonus points for:

  • Experience in providing infrastructure for PHP-based web applications
  • Deep experience in infrastructure automation and IaC
  • Industry recognised certification: AWS Certifications; CCSP (Certified Cloud Security Professional); CISSP (Certified Information System Security Professional); CEH (Certified Ethical Hacker)
About us
Spryker enables companies to become digital pioneers in B2B, Unified Commerce, B2C, and marketplaces. The innovative platform-as-a-service solution with over 50 API-based packaged business capabilities (PBC) is cloud-native, and its flexibility makes it attractive for companies and developers.
The Spryker Cloud Commerce OS has empowered 150+ companies to manage transactions worldwide. It is trusted by brands such as Toyota, Hilti, Lekkerland, Hero, Rose Bikes, and Prym.
Our modern offices are located in the digital metropolises of Berlin and Hamburg and other locations such as Amsterdam and New York. We are taking new markets by storm!
The international Spryker team is constantly working with new, exciting customers, technologies, innovative approaches and is looking for talented people who want to revolutionize the digital commerce world with us.
Learn more at www.Spryker.com.



OUR RESPONSIBILITY – 5 REASONS TO JOIN THE SPRYKER HERD
  • We integrate work into our lives, not the other way around: To be your most productive, creative, and amazing self, make use of our FLOW concept, while enjoying the trust and full ownership to excel in an outcome-oriented environment.
  • We challenge and grow: Our mission is to provide each Sprykee with a framework for holistic and regular 360° feedback as well as for personal and professional development. Develop your skills further via self-learning tools, training, and workshops, as well as free language classes and knowledge sharing sessions.
  • We focus on our vision: Grasp our vision, ambition, and DNA during our regular all-hands and executive Q&A sessions. We are passionate about many things - we are a climate-neutral company, an equal opportunity workplace and we partner with organizations like Girls in Tech.
  • We connect and celebrate our success: All to help you to identify, dance, connect, and exchange with our herd, living the Spryker spirit. Digital Yoga and workout classes, regular team events, and legendary summer and winter parties in surprising locations where we gather our entire global herd.
  • We live and breathe innovation: Constant innovation lies not only at the heart of our product but is key to our DNA in all areas of business. Choose between the newest hardware versions, and work with the latest tools and technologies. Help us stay innovative by providing feedback and suggestions through our regular and anonymous internal pulse surveys.


HERD STATEMENT
We are innovators, challengers, and proactive solution-seekers. We are empathic lateral thinkers and team players first. But above all, we are all different, and that is what makes our Spryker herd unique!

These various approaches, ideas, cultures, passions, and solutions make us strive to hire great people from a wide variety of backgrounds globally. At Spryker, we are proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or disability status.
Our Spryker herd welcomes all.

Spryker solely collaborates with selected agencies where terms and conditions are in place and does not accept unsolicited headhunter or agency sent resumes.

At Spryker, we are convinced that we are driven by true passion, and by embracing the team and supporting each other, our herd can manage any change in an adaptable manner. We love finding innovative solutions, taking massive ownership, challenging each other, and challenging the status quo.

Check out our Career Page [https://spryker.jobs.personio.de/] and our Website [https://spryker.com/en/career/] for more information.
#LI-Remote
Your application
Thank you for considering a career at Spryker Systems. Please fill out the following form. In case you are experiencing problems with the document upload, mail your documents to talent@spryker.com.

Please upload any documents that you want to include with your application. CV and cover letter are required, and you should also attach copies of your references and certificates.

Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop

Uploading document. Please wait.