At a Glance
- Tasks: Manage security posture and protect applications from external threats.
- Company: Award-winning company known for its great culture and flexibility.
- Benefits: Generous paid time off, health benefits, and 401(k) with company match.
- Other info: Dynamic environment with opportunities for professional growth and learning.
- Why this job: Join a team that values work-life balance and meaningful contributions.
- Qualifications: 3+ years in penetration testing and strong knowledge of security vulnerabilities.
The predicted salary is between 50000 - 60000 £ per year.
Our mission is simple: we want to set people free to do meaningful work. People love our software--and it turns out that people love working here too. We've been recognized as a "Best Company to Work For", and we're proud of our team for receiving awards for workplace effectiveness and flexibility.
As our Security Engineer, you'll be responsible for managing our security posture as well as keeping our application safe from external threats. Our ideal Security Engineer will be able to manage IT‑related security issues, such as firewall management, HIDS/HIPS configuration, log monitoring, and audit compliance (SOC II). You will ensure that our software application is both manually and automatically pentested for security vulnerabilities (both Red Team and Blue Team exercises), and be a decision maker in all things security management - able to "pull the plug" on a feature, application, or other business function if it represents a significant risk to the company.
You will:
- Conduct penetration tests against web applications infrastructure
- Validate security on new hardware and software infrastructure
- Assist front-line company representatives with security questions
- Manage firewall rules and internal pentesting
- Manage SOC II controls and external pentesting
- Manage priorities through backlog management system (Jira)
What You Need to Get the Job Done:
- 3+ years experience performing penetration testing (against web applications)
- Experience securing cloud‑based infrastructures and solutions
- Previous experience working on an information security team
- Advanced knowledge of common security vulnerabilities (OWASP) and best practices
- Familiarity with SOC II controls and how to review them
- Experience in other technical roles (SysAdmin, Helpdesk, etc.)
- Strong understanding of Linux server environments
- Experience with Kanban and Agile DevOps workflows
- A good attitude and willingness to learn - you'll be with great people.
What Will Make Us REALLY Love you:
- You have a degree in CS, IT, or similar field
- CISSP, Security+, or other security related or linux or cloud related certifications
- Previous scripting experience (Python, Perl, Ruby, or PHP)
- You possess strong time prioritization skills
- You are proactive and look for ways to continuously increase efficiency
- We can see that you have a measured demeanor that assumes the best of people and respects co‑workers.
- Real world examples of demonstrated technical leadership
What You'll Love About Us:
- Great Company Culture. Business Best Companies to Work For (2020 & 2021) and the Sloan Award for Business Excellence in Workplace Effectiveness and Flexibility (2020 & 2021)
- Work that Stays at Work. Genuine work/life balance served here!
- Rest and Relaxation. 3 weeks paid time off, 11 paid holidays, and we pay you to go on vacation (ask us about this!)
- Health Benefits. Medical with HSA and FSA options, dental, and vision
- Prepare for the Future. 401(k) with company match
- Financial Peace University. Take the class, get reimbursed, get a bonus
An Equal Opportunity Employer--M/F/D/V. Because our team members are trusted to handle sensitive information, we require all candidates that receive and accept employment offers to complete a background check before being hired.
IT Security Engineer employer: Safaricom
At our company, we pride ourselves on fostering a vibrant work culture that prioritises employee well-being and professional growth. As an IT Security Engineer, you'll enjoy a supportive environment recognised as one of the 'Best Companies to Work For', with generous benefits including 3 weeks paid time off, health coverage, and a commitment to work/life balance. Join us in a role where your expertise will directly contribute to safeguarding our innovative software while being part of a team that values flexibility and collaboration.
StudySmarter Expert Advice🤫
We think this is how you could land IT Security Engineer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with current employees at companies you're eyeing. A friendly chat can sometimes lead to job opportunities that aren't even advertised!
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your penetration testing projects or any security-related work you've done. This gives potential employers a taste of what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common security vulnerabilities and best practices. Be ready to discuss real-world scenarios where you've tackled security issues. Confidence and knowledge go a long way!
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are genuinely interested in joining our awesome team!
We think you need these skills to ace IT Security Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the IT Security Engineer role. Highlight your experience with penetration testing, firewall management, and any relevant certifications. We want to see how your skills match up with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about security and how you can contribute to our mission. Be genuine and let your personality come through – we love that!
Showcase Your Experience:When detailing your experience, focus on specific projects or challenges you've tackled in the past. Mention any tools or methodologies you've used, especially those related to SOC II controls or cloud security. We want to know what you've done!
Apply Through Our Website:Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our awesome team!
How to prepare for a job interview at Safaricom
✨Know Your Stuff
Make sure you brush up on your knowledge of common security vulnerabilities, especially those listed in the OWASP Top Ten. Be ready to discuss how you've tackled these issues in past roles, as well as your experience with penetration testing and firewall management.
✨Show Off Your Experience
Prepare specific examples from your previous work that highlight your skills in managing IT security issues. Whether it's a successful pentest or a time you had to make a tough call on security, having real-world scenarios will impress the interviewers.
✨Get Familiar with SOC II
Since SOC II compliance is part of the role, make sure you understand its controls and how they apply to security management. Being able to discuss how you've managed or reviewed these controls in the past will show you're serious about the position.
✨Demonstrate Your Team Spirit
This company values a good attitude and teamwork, so be prepared to talk about how you collaborate with others. Share examples of how you've worked with cross-functional teams to enhance security measures or resolve issues, showing that you can be a great fit for their culture.
