SecOps Engineer

Direct message the job poster from Bitlo

Join Bitlo's Journey to the Future

As one of Turkey's leading cryptocurrency trading platforms, we've been on an exciting path of innovation since 2018. Join us on this journey into the future - so far, we've brought a wide range of innovative products as well as the best tokens to the Turkish cryptocurrency scene. Maybe now it is your destiny to be part of this journey

If you trust your skills, believe in teamwork and are interested in the endless possibilities of the blockchain world, apply to join Bitlo and be one of those who build the future

Education & Work Experience & Technical Requirements:

• 4+ years experience in IT projects with at least 4 years focused on security
• Exceptional experience/knowledge of information security and protective coding practices
• Strong understanding of PCI-DSS, SSAE/SOC and HIPAA compliance
• Complete security background covering encryption, network and authentication
• Hands on Cloud Security experience on architecting, engineering or administrating for SaaS solutions
• Ability to translate security standards like PCI and HIPAA into specific and actionable tasks and lead the solution
• Having exceptional writing capabilities on technical papers and explanations
• At least one of GSEC, CISA/CISM/CISSP/CEH certifications or willingness to obtain within 8 months
• A passion to learn and keep up with the cutting edge technologies
• Strong attention to detail
• Ability to prioritize and multitask in a fast-paced environment
• Excellent command of English

Here's what you will be doing:

• As part of the team, you'll be responsible for shaping, executing penetration testing engagements to identify security weaknesses within client's IT environments, reporting on vulnerabilities and making recommendations for their remediation.
• Work with other development teams to ensure that they make safe architectural and implementation choices.
• Constantly poke and abuse our software to find bugs before attackers do.
• Provide application security concept reviews and help socialize application security best practice.
• Provide support for application security incidents and operations.
• Performing, overseeing, improving and providing feedback on the services offered.
• Conducting advanced penetration testing exercises (Network, Web Application, Mobile and Cloud).
• Identifying and exploiting vulnerabilities and mis-configurations.
• Reporting findings and developing pragmatic recommendations with the product ecosystem in mind.
• Developing, extending, or modifying exploits, shellcode, or exploit tools.
• Ability to identify attack paths for lateral movement and privilege escalation.
• Reducing attack surface of the organization.

Personal Specifications/Skills:

• Demonstrated ability to work independently with minimal supervision.
• Being familiar with high stress situations without losing passion or motivation.
• Passion for learning and discovering new technologies.

• Mid-Senior level

• Full-time

• Engineering and Information Technology