Security Engineer

The Vision-Box World…

Join us on our exciting journey and become part of our innovative future!

At Vision-Box, you are empowered to be innovative, creative and hands on. You will need energy and drive to help us reach our goals and will be rewarded with opportunities to grow and develop your career with us. We want motivated people who can think on their feet, who will take accountability and who want to make a difference and not just make up the numbers.

We have changed the way passengers travel through airports and travel hubs around the world and are driving the next phase of global innovation in biometric automation. We develop state-of-the-art user-centric citizen touchpoints, custom front-end applications and collaborative orchestration software, delivering premium customer experiences and high quality services to our customers.

As a partner to prestigious Governments, Airports, and Airlines around the world, we enhance citizen services and traveller experiences. We establish identity through high-performance enrolment, verification and authentication by enabling multi-directional data transactions and creating actionable intelligence.

We have delivered over 5,000 identity enrolment solutions in every continent across the globe, enabling access to robust identity schemes and the use of automated systems for hundreds of millions of citizens and passengers every year.

As a Security Engineer, what are you going to do?

• Identify security vulnerabilities in the Vision-Box products and implement necessary solutions to remediate the vulnerabilities;

• Review cloud and on-premises deployment architectures and implement required security controls;

• Identify manual processes that can be smartly automated;

• Ensure security best practices are followed and provide solutions to improve existing infrastructure processes in the company;

• Set security best practices for cloud security;

• Define documentation of security requirements for applications (web, mobile, host, SOA, etc.);

• Mentor other engineers, define our technical culture, and help build a fast-growing team;

• Contribute to tool evaluation, selection, and recommendation internally.
  Participate in the execution of training programs for different teams
  Work with senior management on defining roadmaps, and needs and provide short and mid-term forecasting;

• Contribute to as a Subject Matter Expert & internal professional community
  Conduct regular security assessments and audits to identify vulnerabilities and ensure compliance with security standards and protocols;

• Design the installation and operation of security tools such as firewalls, anti-virus software, patch management systems, and other protective measures;

• Stay updated on the latest industry security trends, threats, and technology to improve our security posture continually;

• Educate and train staff on security best practices and awareness.

What are the skills and professional experience we’re expecting from you?

• Master’s degree in computer science, Telecommunications, or Information Security;
• Certifications such as CSSLP, CISSP, CISA, etc. are highly desirable;
• Certifications from pentesting vendors (OSCP, CEH,…) are preferred;
• SAST & DAST tools related to education and certificates are beneficial;
• At least 3 years of experience in the Application Development (DevOps);
• At least 1 year of experience in Application Security Testing;
• Hands-on experience in Cloud Environments and on-premises Data Centre;
• Good skills in at least one or more scripting languages; Python, or Shell/PowerShell;
• Experience in management and definition of security in the software development lifecycle (SDLC);
• Experience in software development and SDLC in Java, Python, C#, etc…;
• Knowledge of conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and penetration tests, security component analysis);
• Understanding of virtualization and container technologies (Docker, Kubernetes, OpenShift, …);
• Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10;
• Knowledge of securing APIs;
• Experience in Web and/or Mobile applications and common vulnerabilities;
• Experience with cloud service providers (e.g., AWS, Azure, Google Cloud) and their native security tools;
• Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, HIPAA, GDPR);
• Proven experience as a Security Engineer or similar role, with hands-on experience in securing both on-premises and cloud-based environments;
• Strong knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols);
• Knowledge of security in micro-services is beneficial;
• Communication skills include understanding client processes in any area in detail;
• Excellent coordination and communication skills;
• Business writing skills (capturing needs and writing it down on formal documents).

Some of the cool reasons to work with us:

Founded in Portugal and with a purpose-built headquarters in the vibrant capital of Lisbon, we have over 21 years of highly specialized experience, delivering cutting edge technology to Airports, Airlines, and Governments;

Recognized in the market as leaders in innovation, we’ve won awards in all parts of the globe. We want people who can make a real impact;

We’re a full-stack technology company working with the latest technologies. With in-house Product Design and mechanical engineering through to Front End UX/UI, Big Data, and virtualization, we bring together specialists with the sharpest minds to deliver smart and disruptive solutions to our customers;

We’ve grown rapidly in the last 10 years and offer opportunities to travel to some of the world’s most exciting places. Projects around the world like in Sydney, Milan, New York, Helsinki, Toronto, Aruba, and Dubai mean your experience can be truly global.