Cyber Defense Specialist - Jumia (Full Time)

Are you eager to work in a great team and share knowledge? Do you like problem analysis and solving? Do you have a solution oriented and proactive attitude? Jumia Porto Tech Center is for you!

The Cyber Defense Specialist will work closely with the SRE team to maintain, monitor and respond to various notifications from monitoring systems to improve the security posture of Jumia ecosystems. The candidates in this position will find themselves exposed to and working with Cyber Threat Landscape, Security Controls improvement and Incident Handling activities.

What you will be doing:

  • Identify opportunities to improve security and implement the tools necessary to execute improvements considering full automation. 

  • Proactively identify and remediate security risks introduced by the cloud platforms, or as flagged by vulnerability scanning software.

  • Implement solutions necessary to address security audits and compliance efforts on our cloud platforms.

  • Knowledge of SOX, PCI DSS, and GDPR is highly desirable.  

  • Ability to dive deep into software configurations and logs to recommend security-based improvements.

  • Work closely with development teams to ensure we are considering security when architecting and building new features/applications.  

  • Ensure that solutions are engineered with operational efficiency and security by design.  

  • Build automation frameworks and systems to improve security by design mentality on current CI/CD systems.

  • Participate in on-call for security incident response.

  • Provide Executive level non-technical analysis to effectively illustrate the potential impact of weaknesses identified to various audiences.

  • The creation of secure system lifecycle standards and secure coding standards based on the threat landscape and industry best practices.

What we are looking for:

Essential:

  • Proven expertise on security.

  • 3 years of Cloud Operations / Infrastructure Engineering experience.

  • Strong hands-on experience on public cloud platforms on at least one (Google, AWS or Azure).

  • Strong system administrator experience with Linux and Windows operating systems.

  • Experience with auditing and logging tools such as AWS CloudTrail or ELK.

  • Experience with Monitoring and reporting tools such as DataDog, New Relic, Zabbix and Graphite/Grafana.

  • Bachelor's Degree in computer science or relevant professional expertise.

  • Fluent in both written and spoken english.

Desirable: 

  • Ability to debug and optimize code and automate tasks. 

  • Understands the concepts of public cloud Infrastructure 

  • Systematic problem-solving approach, coupled with strong communication skills and a sense of ownership and drive.

  • Experience with automated configuration management and deployment using tools such as Ansible and Python.

  • Experience with vulnerability scanning software such as Tenable, Qualys, AWS Inspector, and any code scanning or audit highly desirable.

  • Experience with DevSecOps (Automation of security controls in the CD/CI environments) with Git and Jenkins

  • Experience with managed Kubernetes in the cloud.

  • Experience working in a hybrid environment is preferred.