Select
Discover openings Why join our team Growth opportunities Work perks Locations
All Offshore
or
The position assumes various aspects of information security controls maintenance, improvement, and implementation, as well as being a part of Grid Dynamics security team looking after a company-wide ISO27001-compliant security program, mitigating relevant risks, and meeting specific customer security requirements.

Responsibilities:

Network security
  • Secure network design and separation, including in public clouds (AWS, Google Compute)
  • Assisting system administrators with firewalls and access lists
  • Network monitoring and logging (nIDS, SIEM, NetFlow)
  • Network authentication (802.1x, MAC-based), DHCP and DNS security
  • VPN design and configuration review

 Systems security

  • Centralized security management (MacOS/Windows/Linux etc.)
  • Centralized patching and updates
  • Centralized antimalware management
  • Centralized log management / SIEM
  • System vulnerability scanning 

 Application security

  • Application security configuration
  • Internally developed applications security review
  • Third-party applications/plugins/integration security review
  • Application vulnerability management (application security scanning and discovered flaws elimination)
  • Liaising with dev/QA/devops teams  

 Identity Management

  • Developing corporate directories architecture and ensuring its correctness and alignment with policies and processes
  • Keys/certificates management
  • Passwords management and policies enforcement
  • Single sign-on (SSO) configuration
  • Participation in internal security processes such as incident response and user security training, in particular in relation to secure software development 

Requirements:

  • PKI and key management
  • Certificates, X.509 format, certificate management
  • Traffic encryption and network security protocols (IPSec, HTTPS/HSTS, S/MIME, WPA)
  • Logging, monitoring, log aggregation
  • Patch management tools (Puppet etc.)
  • Automation tools (Jenkins etc.)
  • AWS/Google IAM
  • Corporate endpoint protection
  • OWASP Top 10
  • HTTP security headers, Apache and Nginx security settings
  • Application vulnerability scanning and security logic review
  • Assisting developers with fixing discovered application vulnerabilities
  • Directory design
  • Roles/groups/containers
  • Authentication mechanisms
  • Solid understanding of applied cryptography
  • Solid understanding of network and systems security
  • Good understanding of application security concepts
  • Understanding of identity management concepts
  • English: proficient written/verbal skills

Will be a plus:

  • Hands-on experience with open/close source SIEM and centralized log aggregation solutions
  • Hands-on experience with open/close source IDS/IPS
  • Hands-on knowledge of Kali Linux and common vulnerability assessment tools (Metasploit, Websploit, Burp, Acunetix, Nessus/Tenable etc.)
  • Hands-on Nginx configuration experience
  • Good knowledge of OWASP and some knowledge of secure development/SDLC security
  • Some computer forensics experience

We offer:

  • Competitive salary
  • Work on bleeding-edge projects in a team of experienced and motivated developers and QA engineers
  • Flexible working hours
  • Health insurance, a benefits package, company-sponsored conferences, vacations
  • Well-equipped office located in the center of the city

About us:

Grid Dynamics is the engineering services company known for transformative, mission-critical cloud solutions for retail, finance and technology sectors. We architected some of the busiest e-commerce services on the Internet and have never had an outage during the peak season. Founded in 2006 and headquartered in San Ramon, California with offices throughout the US and Eastern Europe, we focus on big data analytics, scalable services, DevOps, and cloud enablement.
or

Your personal recruiter

Don’t see the right opportunity?

Contact us anyway and let’s talk! To apply, send your resume and cover letter to jobs@griddynamics.com

Grid Dynamics is an equal opportunity employer. We are committed to creating an inclusive environment for all employees during their employment and for all candidates during the application process. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on, age, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or any other protected category. All employment is decided on the basis of qualifications, merit, and business need.

Grid Dynamics Privacy Policy and E-verify