Xneelo is a web hosting company of approximately 350 people, with teams in Cape Town (head office), Johannesburg, as well as Canada, Ukraine and India. We see ourselves as business enablers, stimulating the economy by helping the business mass market to interact and transact online.
Our security engineers make sure that the data of xneelo and her customers is protected. A large scale, mass-market hosting infrastructure is a complex beast requiring security automation and processes to make sure it can scale and perform securely, 24 x 7 x 365. The security team at xneelo looks to the security of the IT, OT, software and cloud infrastructure as a vital component of being trusted in hosting.
We are passionate about frequent, iterative delivery of high-quality software and aim to build lasting solutions using Agile principles and the latest technology available. The security team at xneelo is a key part of this process.
We work together in autonomous teams that take full responsibility for their own part of the xneelo ecosystem and require an understanding of the Agile development philosophy. The security team owns some of the security related components of the ecosystem and consults with teams to ensure that systems they own are secure by design.
Locations: Remote or Cape Town, South Africa.
Timezones: UTC to UTC+3
Responsibilities
The ideal candidate will come from a software development process in order to appreciate the security pitfalls of software development and how to speak dev.
-
Build and support systems providing security features such as firewalls, authentication and secrets management
-
Provide subject matter expertise on architecture, authentication and system security
-
Performing security reviews of new and existing services (IT, OT, Cloud and Software)
-
Liaising/Consulting internally with teams on security findings to solve vulnerabilities
-
Solving interesting and large scale backend technical challenges that affects security
-
Monitor application and audit logging for security anomalies
-
Automation of security anomaly detection and alerting
-
Participate in forensics of security incidents
-
Looking for opportunities to innovate and optimize our security solutions
The strengths and experience we’re looking for:
-
Excellent communicator, both verbal and written
-
Gets on well with people and knows how to have candid, “clear and kind” conversations
-
Fast learner who knows how to say “I messed up” and “I don’t know, please help”
-
Understands the security risks and mitigations through all the OSI layers
-
Gets the difference between “done” and “97% done” and the potentially significant costs of the latter
-
Strong networking skills
-
Excellent multi-tasking skills
-
Cool under pressure
-
No compromise attitude towards system security and stability
-
Is a servant leader
-
Self-motivation and self-management
-
Life-Long Learning
You probably have a passion for:
-
Thinking like a hacker & incident responder by diving into the security details of the software you’ve built or use
-
Keeping abreast of industry security news and developments
-
Zero trust design in networks and software
-
Multi layered security design
-
Programming, open-source Technologies and IT in general
-
Optimal systems and simple procedures
-
Agile development and a self-organizing team environment
-
Sharing ideas and innovation
Technical Requirements
-
Design & development of backend software and APIs
-
Object-oriented programming using a language like Ruby (equivalent will be considered)
-
Software development within the Linux/Unix environment
-
Software development using a containerization platform like Docker or Kubernetes
-
Agile development practices (team focus, continual improvement, automated tests, refactoring, continuous integration, pair programming
-
Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond)
- Code quality reviews
-
Proactively identify and reduce security risks
-
Find and remove outdated and vulnerable code and code libraries
-
Git version control
Qualifications
-
BSc or BTech majoring in Computer Science will be advantageous, however, your ability to demonstrate your track record of security systems is what ultimately counts
-
A minimum of 4+ years of software development experience
-
Minimum of 2 years supporting a large scale application in an operational capacity
-
Minimum of 4+ years in a similar position
Desirable Skills and Experience
-
Security related security certifications such as CISSP and OSCP
-
Experience with Kubernetes or other container orchestration platforms
-
Understanding of database design (MySQL, Redis, etc.)
-
Familiarity with ElasticSearch
-
Experience with DevOps on a linux based platform
-
Experience with system administration on a linux based platform
-
Ruby software development experience preferred
-
Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP
-
Implementation and management of infrastructure and service monitoring systems
-
Exposure to secrets management solutions
-
Cloud Infrastructure as a service
-
Infrastructure automation such as Cloudformation, Ansible and Puppet
-
Network and host based security solutions like Palo Alto, Fortinet, Cisco or Cloudflare
At xneelo, our sincere desire is that our team members are inspired by their success and able to operate with a high level of discretion and autonomy guided by our principles and values. We hope this appeals to you and look forward to hearing from you.
Xneelo is a web hosting company of approximately 350 people, with teams in Cape Town (head office), Johannesburg, as well as Canada, Ukraine and India. We see ourselves as business enablers, stimulating the economy by helping the business mass market to interact and transact online.
Our security engineers make sure that the data of xneelo and her customers is protected. A large scale, mass-market hosting infrastructure is a complex beast requiring security automation and processes to make sure it can scale and perform securely, 24 x 7 x 365. The security team at xneelo looks to the security of the IT, OT, software and cloud infrastructure as a vital component of being trusted in hosting.
We are passionate about frequent, iterative delivery of high-quality software and aim to build lasting solutions using Agile principles and the latest technology available. The security team at xneelo is a key part of this process.
We work together in autonomous teams that take full responsibility for their own part of the xneelo ecosystem and require an understanding of the Agile development philosophy. The security team owns some of the security related components of the ecosystem and consults with teams to ensure that systems they own are secure by design.
Locations: Remote or Cape Town, South Africa.
Timezones: UTC to UTC+3
Responsibilities
The ideal candidate will come from a software development process in order to appreciate the security pitfalls of software development and how to speak dev.
-
Build and support systems providing security features such as firewalls, authentication and secrets management
-
Provide subject matter expertise on architecture, authentication and system security
-
Performing security reviews of new and existing services (IT, OT, Cloud and Software)
-
Liaising/Consulting internally with teams on security findings to solve vulnerabilities
-
Solving interesting and large scale backend technical challenges that affects security
-
Monitor application and audit logging for security anomalies
-
Automation of security anomaly detection and alerting
-
Participate in forensics of security incidents
-
Looking for opportunities to innovate and optimize our security solutions
The strengths and experience we’re looking for:
-
Excellent communicator, both verbal and written
-
Gets on well with people and knows how to have candid, “clear and kind” conversations
-
Fast learner who knows how to say “I messed up” and “I don’t know, please help”
-
Understands the security risks and mitigations through all the OSI layers
-
Gets the difference between “done” and “97% done” and the potentially significant costs of the latter
-
Strong networking skills
-
Excellent multi-tasking skills
-
Cool under pressure
-
No compromise attitude towards system security and stability
-
Is a servant leader
-
Self-motivation and self-management
-
Life-Long Learning
-
Thinking like a hacker & incident responder by diving into the security details of the software you’ve built or use
-
Keeping abreast of industry security news and developments
-
Zero trust design in networks and software
-
Multi layered security design
-
Programming, open-source Technologies and IT in general
-
Optimal systems and simple procedures
-
Agile development and a self-organizing team environment
-
Sharing ideas and innovation
Technical Requirements
-
Design & development of backend software and APIs
-
Object-oriented programming using a language like Ruby (equivalent will be considered)
-
Software development within the Linux/Unix environment
-
Software development using a containerization platform like Docker or Kubernetes
-
Agile development practices (team focus, continual improvement, automated tests, refactoring, continuous integration, pair programming
-
Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond)
- Code quality reviews
-
Proactively identify and reduce security risks
-
Find and remove outdated and vulnerable code and code libraries
-
-
Git version control
Qualifications
-
BSc or BTech majoring in Computer Science will be advantageous, however, your ability to demonstrate your track record of security systems is what ultimately counts
-
A minimum of 4+ years of software development experience
-
Minimum of 2 years supporting a large scale application in an operational capacity
-
Minimum of 4+ years in a similar position
Desirable Skills and Experience
-
Security related security certifications such as CISSP and OSCP
-
Experience with Kubernetes or other container orchestration platforms
-
Understanding of database design (MySQL, Redis, etc.)
-
Familiarity with ElasticSearch
-
Experience with DevOps on a linux based platform
-
Experience with system administration on a linux based platform
-
Ruby software development experience preferred
-
Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP
-
Implementation and management of infrastructure and service monitoring systems
-
Exposure to secrets management solutions
-
Cloud Infrastructure as a service
-
Infrastructure automation such as Cloudformation, Ansible and Puppet
-
Network and host based security solutions like Palo Alto, Fortinet, Cisco or Cloudflare
At xneelo, our sincere desire is that our team members are inspired by their success and able to operate with a high level of discretion and autonomy guided by our principles and values. We hope this appeals to you and look forward to hearing from you.
© 2020 RemoteJobs.store. Built using NextJS and Vercel.
Uses RemoteOK and Remotive APIs.