What you’ll do

• • Assess the security of Komaza’s systems, applications, and services, discovering and addressing security issues, building security automation, and promptly reacting to new threat scenarios by developing simple solutions to complex business problems, while following security engineering best practices.
  • Architect and implement enterprise-level security solutions for our cloud environments in  AWS and other third-party SaaS services.
  • Implement continuous monitoring, intrusion detection and prevention systems, and other security monitoring for our critical data systems and recommend actions to remedy security concerns.
  • Support and champion the implementation of Komaza’s Cybersecurity framework to support system controls, threat monitoring and detection, vulnerability assessment, and detection of cyber attacks across applications, data systems, and network services.
  • Implement protocols and procedures around third-party systems integration to avoid data loss and cyber-attacks through misconfigured and publicly exposed systems.
  • Develop information security guidelines, policies, and regular training sessions and support the execution of the Business Continuity Management (BCM) framework.
  • Design, implement and centrally manage an Identity and Access Management (IAM) platform to ensure all Komaza systems and allow effective onboarding and offboarding of system users.
  • Support external data systems audit process and promptly resolve identified areas of concern with all stakeholders.

What you have

• • Bachelor’s degree in Computer Science, Information Systems, Information Technology, or any other related field.
  • Security Certification in either CEH, CISSP, or CISM is a must.
  • 4+ years of hands-on experience in system security management across different IT domains including network services, operating systems, databases, and web applications.
  • Deep understanding of network and web-related protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, and routing protocols) and security processes, framework cyber risk remediation analysis.
  • Experience with scripting programming languages (e.g., Python, Golang) is strongly preferred.
  • An understanding of the software development lifecycle and web services, and how they interact with security protocols and application access.
  • Strong understanding of NIST, Critical Security Controls, and Zero Trust Architecture.
  • Extensive experience and understanding of security operations and automation tools and appliances including UTM (unified threat management) devices, firewalls, proxy servers, and endpoint protection at an organizational level.
  • Experience working with Cloud/ SaaS architectures on either AWS, MS Azure, or Google Cloud Compute.

You are also

• • Great at stakeholder management
  • Positive, energetic self-starter with a high level of personal drive and resilience
  • A people person and a great team leader
  • Able to adapt to fluid, rapidly changing environments
  • A meticulous individual, and an analytical and critical thinker
  • Great written and spoken communication skills

About the team