Exness Group was founded by a group of like-minded professionals in the area of finance and information technology in 2008. We are the broker of choice for every trader who demands high-quality services. Today we are 1000+ represented by more than 70 nationalities, continuously expanding our existing teams and creating new ones.
Our culture allows each employee to be the best version of themselves, constantly increasing their expertise. Our culture and values rely highly on Ethics & integrity + Smart scientific approach!
We are looking for an Infrastructure Security Engineer to join our Exness Technology department. You will identify existing and emerging security threats and protect Exness Group of Companies from them, maintain business continuity and regulatory compliance in respective areas.
What you will do:
- Work directly with the business units to facilitate risk assessment and risk management processes.
- Maintain effective communication and coordination with Exness Technology teams in security-related areas.
- Ensure that information assets and technologies are properly protected, which includes the following:
- Manage information security controls;
- Enforce compliance with these controls and technology-related regulatory requirements;
- Participate in internal and external audits;
- Data loss and fraud prevention. Make sure the staff doesn't misuse data;
- Manage personal data protection measures (including GDPR);
- Develop security policies and procedures.
- Review architecture, implement operations of IT systems from a security perspective
- Complete operations-related tasks:
- Identity and access management. Ensue that only authorized people have access to restricted data and systems. Maintain least privilege approach;
- Management of Security incidents. Investigations and forensics;
- Process events generated by security tools: WAF, VPN, SIEM, etc.
- Manage and develop security education program for employees (at onboarding and ongoing).
What you need to succeed:
- 5+ years of experience in Information Security or other IT roles.
- Ability to leverage business communication skills to inform, convince, and educate employees to enable effective information security activities and processes.
- Knowledge of most common vulnerabilities and ways of protective measures from exploiting them.
- Hands-on experience with modern information protection systems, including open source products.
- General knowledge in the technologies below with expert level in few of them:
- Experience in administering of Linux and Windows systems;
- Understanding of security aspects of virtualization, containerization (Docker) and cloud services (AWS);
- Cryptography foundations. Knowledge of X509 standard and experience with PKI administration;
- Broad spectrum of technical knowledge in the following areas (the list is not exhaustive): Linux family, Docker, Kubernetes, vSphere, AWS, Vault, LDAP, Cisco ASA, Microsoft WIndows / AD, SSO;
- Audits: internal and external.
- General acquaintance with regulatory frameworks and compliance requirements associated with financial services is a plus.
- English and Russian language (Intermediate or higher).
Would be an advantage:
- ITSM fundamentals, project management.
- Any industry certifications.
- Security forensics experience.
- Medical insurance for employees.
- Coworking expenses compensation.
- “Get to know your Team” trip to Cyprus.
- Sports activities compensation.
- Extensive learning opportunities.
- Flexible public holidays.
- 100% pay of Annual leave.
- Professional Development.
*If you would like to learn about relocation opportunities to Cyprus, please contact the dedicated TA Specialist.
Your application will be reviewed further and you will receive an update in due course if you are shortlisted. Due to high volume of applicants, we are able to contact only shortlisted candidates at this point of time.