Cybersecurity Operations Engineer

About the role:

This role will be focused on helping to prevent and protect Fever from security threats, vulnerabilities and weaknesses that can potentially lead to security incidents through the operation of the Incident Response and Vulnerability Management processes.

What would you do at Fever?

On your first month in Fever:

• You will be fully integrated into the team. You will participate in plannings and follow-up meetings with other areas.
• You will have met the departments of Fever.
• You will get familiar with Fever's technological structure and ecosystem (applications, infrastructure, architecture, etc.)
• You will get familiar with the Cybersecurity processes and tooling in place.

After 3 months in Fever:

• You will be able to respond to and manage various types of security incidents by being the first point of contact for both employee-reported incidents and those reported by detection tools.
• You will be able to operate vulnerability management tools by launching scans, analyzing the results and coordinating remediation actions with the different areas.
• You will provide feedback and identify improvements of incident response and vulnerability management processes.
• You will attend different types of Fever experiences where you will mostly know everybody from engineering.

On your 6th month in Fever:

• You will provide knowledge gained in the previous months to propose and execute optimizations in both process design and operation.
• You will lead investigations into security incidents coordinating the response efforts of other team members and providing guidance and support to other members of the team as needed.
• You will participate in maintaining and/or implementing new incident response and vulnerability management policies.
• You will provide metrics related to security operations.
• You will participate in some of the team buildings we organise for your team or the whole engineering team.

Requirements

Reporting to the Cybersecurity Lead the successful candidate will be responsible for the following operational areas:

Incident response

• Provide first-line response and initial management of any Cybersecurity related issues in line with industry best practices (SANS, NIST, etc.).
• Perform follow-up throughout the incident lifecycle and coordinate responses to security events that involve multiple teams across the organization
• Analyze information gathered from monitoring systems and applying industry best practices to determine the scope, impact and mitigation actions of potential security incidents
• Identify Cybersecurity threats within the Fever environment and develop the use cases for their proactive detection
• Providing effective incident management through security monitoring tools (SIEM, open source tools, etc)
• Provide assistance with forensic examinations and chain of custody procedures
• Conduct projects and tasks associated with security monitoring, detection, and incident response
• Maintain and regularly test incident response processes and procedures
• Assess current practices and provide feedback on improvement opportunities

Vulnerability management

• Perform vulnerability management operation by initiating continuous vulnerability scans, assessing the results, eliminating false positives and coordinating with the multiple teams in the organization for remediation actions.
• Maintain and adapt the configuration of the vulnerability management tools such as Burpsuite, Nessus, nuclei, custom tools, etc
• Perform follow-up in the identified threats & vulnerabilities to ensure their complete remediation
• Participate in rapid action efforts or other emergency responses as needed
• Maintain the vulnerability management procedures and the list of application/system information (owners, technical contacts, etc)
• Provide status reports and relevant metrics

Qualifications:

• Bachelor or Master’s Degree in Computer Science, Information Security or another similar relevant degree (or equivalent experience in an IT Security role)
• 3+ years of relevant experience on Security Operations, especially experience coordinating responses to security incidents and managing a vulnerability program
• Experience in cloud security (AWS, k8s, IaC, etc), threat and vulnerability management
• Experience building out detection and response programs for cloud-native companies and SaaS environments
• Experience with vulnerability scanning tools like Burp Suite, Tenable, etc and SIEM solutions.
• Solid understanding of web protocols, APIs, security issues, common attacks (OWASP Top 10), Linux/Unix tools, cloud architectures and threat landscape
• Relevant technical and industry certifications are a plus (e.g. CISSP, GCIH, CEH, etc)
• Analytical skills, autonomy and accountability
• Fluent in english
• Good communication skills

Benefits & Perks

• Opportunity to have a real impact in a high-growth global category leader
• 40% discount on all Fever events and experiences
• Position based in Madrid, home office friendly.
• Relocation package for international candidates
• Responsibility from day one and professional and personal growth
• Great work environment with a young, international team of talented people to work with!
• Health insurance and other benefits such as Flexible remuneration with a 100% tax exemption through Cobee.
• English Lessons
• Gympass Membership
• Possibility to receive in advance part of your salary by Payflow.
• Attractive compensation package consisting of base salary and the potential to earn a significant bonus for top performance.