Senior Cloud Security Engineer

At EcoVadis, we envision a global marketplace where sustainability intelligence influences every business decision – improving economies, people's lives and the planet we all depend on. EcoVadis counts industry leaders like Johnson & Johnson, L’Oréal, Nestlé, and Michelin, among the 55,000+ businesses on its network.

With an ambitious, purposeful mission to provide the world's most trusted business sustainability ratings, EcoVadis is driven by a diverse team sharing the core values of commitment, customer-focus, courage, integrity, kindness and happiness.

EcoVadis offers you exciting career opportunities in an innovative and dynamic environment. We are looking for passionate team players from a variety of disciplines – from CSR and sustainability experts to customer engagement and engineering talents – to join us to make a real impact on the environmental and social practices of companies worldwide.

• Conduct security architecture review of organization and cloud service deployments as well as software defined network technologies and architectures (microservices) supporting cloud and emerging technologies and prepare recommendations for hardening,
• Contribute to all levels of the architecture from a security perspective,
• Serve as a security expert during the whole development process and mitigate security vulnerabilities,
• Monitor and identify environments’ security issues; formulate appropriate resolutions,
• Provide clear remediation guidelines for engineering teams and business owners for security aspects,
• Help the engineering teams fix security related issues (infrastructure, network, application), address issues where appropriate,
• Monitor and evaluate security controls throughout the business,
• Prepare security hardening guidelines for cloud services,
• Security research on the latest best security practices, trends, threats and vulnerabilities, and technology frameworks,
• Documenting and disseminating security guidelines for common security issues, remediation guidance, and security technology baselines,
• Develop tools and exploits to support application security review and penetration testing,
• Collaborating with DevOps team to implement security measures,
• Working with the Security Manager to plan, coordinate, and implement security enhancements to safeguard service access, data repositories & other digital assets,
• Assist with other organization security projects and tasks as required.

• 5+ years of experience in a similar role in a relevant software or internet service industry,
• Minimum Bachelor of Science degree in Computer Science, Computer Engineering, or a related technical field,
• Strong experience in designing and implementing secure systems on Microsoft Azure,
• Strong experience in securing microservices,
• Strong experience in authentication and authorization schemas (SSO), securing API,
• Strong experience in both vulnerability research and penetration testing,
• Working knowledge of network security assessment and architecture,
• Expert knowledge of tools and automation techniques for finding security flaws in cloud services and environments,
• Managing and prioritizing multiple tasks in accordance with high level objectives,
• Knowledge of relevant business or compliance drivers that obviate the need for security tooling or processes,
• Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication and security protocols and applied cryptography,
• Experience with scripting languages (Bash, PowerShell, etc.),
• Able to drive consensus amongst technically strong but differing groups,
• Profound love of breaking things in order to make them stronger,
• Open to work in an international, multilingual environment,
• Proficient in English.