In this role, you will be one of the security engineers in our multi-disciplinary operations team. Together with colleagues from a variety of professional backgrounds you develop and operate state-of-the-art security engineering and monitoring (SIEM) solutions. You help to investigate when a security incident occurs and use your insights and experience to advise IT teams on how to build their systems and applications securely.
Our team is looking for a security engineer who enjoys the battle with the invisible enemies at the gates, not afraid to take on operational responsibilities if that’s what it takes to keep those gates locked safely. You are the one who will automate and outsmart them and protect the data of our customers, retailers, and employees. Together with your security engineering and hacking colleagues in the team, you will be responsible for keeping Bol safe and secure.
As a Security Engineer, you will contribute to:
- Technical review of security aspects in proposed solutions and designs, strong focus on cloud-native tech (GCP in our case, but experience in AWS / Azure is also appreciated)
- Improvement of security engineering tech stack
- Integrate new solutions regarding threat intel and attack surface management into existing security operations systems and workflows
- Investigate and follow up on small incidents before they get big
- Support other teams with questions about how to design/engineer something securely
Functie-eisen
- At least 4 years of relevant work experience.
- You are an open-minded security engineer who is passionate about everything tech.
- Experience with SIEM-like solutions, vulnerability scanning, cloud, and big databases
- The role calls for a quick learner who almost instinctively navigates our landscape, which consists of various technologies, such as Linux, Kubernetes, Azure (Sentinel), Google Cloud Platform, python, java, bash, PowerShell, active directory, LDAP, proxies, load balancers, and firewalls. Is that list a bit too extensive? No problem. If you master some and want to master the others, we will gladly help you on your way.
Bedrijfsinformatie
The SecOps team is 11 colleagues (and growing) with different expertise and backgrounds, consisting of engineers, hackers, and incident/project leads.
We have a lot to offer, but not dull moments; there is always something new to pick up and the security landscape is constantly changing. We also invite you to claim ownership over your way of working. Experiment with the newest tech, be autonomous and pick your favorite way to get the job done. We are enthusiastic ambassadors of the Automation Is Good mantra. After all, a good IT engineer is ‘manually lazy’ and if automation lightens the workload, that’s extra time to focus on the ‘hard stuff’ and to pioneer your backside off. And yes, we invite you to come up with good/better/downright crazy solutions instead of telling you exactly what to do and how to do it. As long as you consider our standards, we’ll roll out the red carpet for your plans. Challenge yourself. And challenge colleagues. Share knowledge and insights. Tell us about plans that worked out great. And, especially, about ones that didn’t, so others won’t make the same mistake, and you won’t be ‘beamed up’ from your holiday address to solve an issue that should not have occurred, to begin with. Lastly: we don’t have that ‘holier-than-thou’ mentality that’s sometimes associated with our brand of coding: business colleagues are equals and their plans are treated as such. After all, security should not hinder innovation but rather make innovations faster and safer.
Inclusiviteit en diversiteit
Uiteraard staat deze vacature open voor iedereen die zich hierin herkent. We geloven dat diverse teams van belang zijn voor ons als lerende organisatie, die voorop wil blijven lopen in de wereld van werk. Want juist verschillen tussen mensen zorgen voor groei. Van collega's, klanten, kandidaten en daarmee van Yacht. Heb jij een uniek talent? We ontmoeten je graag.