Security Engineer

KONE Technology and Innovation (KTI) is where the magic happens at KONE. It's where we combine the physical world – escalators and elevators – with smart and connected digital systems. We are changing and improving the way billions of people move within buildings every day. We are on a mission to shape the future of the industry with new technologies and sustainable innovations. 

KONE Cybersecurity is an organization of security experts responsible for developing and managing cutting-edge solutions and processes to keep KONE secure globally.

We are looking for

Security Engineer, with a focus on SecDevOps

to join our team of cybersecurity professionals. Our mission in KONE Cybersecurity is to keep KONE business cyber resilient. With cybersecurity tooling, including SecDevOps we help KONE people as well as our customers and partners to perform at their best, and at the same time keep KONE secure. The platforms that are in scope of SecDevOps are:

• SAST and SCA based on BlackDuck products
• DAST based on Detectify
• Cloud security posture management based on Orca
• Centralized vulnerability management portal
• EASM based on Detectify and BitSight
• Integrations between all above, as well as to various CI/CD tools (Github, GitLab, Jenkins, AzureDevOps), and to various cloud platforms (Azure, AWS, AliCloud)

When the experience increases, the person in this position is expected also to participate to other initiatives in Enterprise, Product or OT security, depending on the initiatives on-going at that point, and on the person’s background and interests.

The position is based in Espoo Finland and will report to Head of Access and Tools in Cybersecurity.

Main Responsibilities

• Collaborate with application owners as well as with application and product security teams to capture their SecDevOps needs
• Understand, analyze, and manage prioritization of the SecDevOps business requirements
• Contribute in a key role to the on-going and upcoming projects in his/her responsibility area
• Guide the scrum and support teams in their work, where needed
• Implement or participate to implementing tough architectural or solution needs
• Accountable for maintaining solution documentation
• Co-operate with IT and business teams to ensure smooth development and transition to service

We Expect You To Have

• Bachelor or Master’s degree in IT or Cybersecurity related area or respective knowledge
• Excellent understanding and experience in SecDevOps solutions in a large organization
• Good understanding of some SecDevOps solutions and their integrations. Experience on KONE specific SecDevOps tools is seen as an advantage
• Experience in working with business stakeholders and IT partners, preferably in a global context and complex organization
• Ability to design and facilitate effective building and deployment of high-quality functional requirements
• Ability to guide teams
• 3-10 years of experience in working in an international environment with ability to perform in virtual and matrix organizations
• Strong analytical skills, conceptual thinking and problem-solving skills
• Service focused approach and attitude
• Real team player with flexibility under tight deadlines
• Excellent written and oral communication skills
• Proven track record for an excellent performance and quick learning
• Technical skills
  • Development: Python, and Bash
  • Cloud: AWS, Azure
  • IAC: Terraform, Ansible
  • CI/CD: GitLab, GitHub, Jenkins
• Understanding and experience on cybersecurity also wider is a big benefit, examples:
  • End-point security e.g. with Microsoft Defender
  • Network security
  • SIEM, e.g. Splunk and Sentinel
  • Network vulnerability scanning, e.g. Qualys
  • PEN testing
• Having IT as a hobby, and own test lab etc. is a huge advantage

We offer you

• A position in cybersecurity team which is responsible for all cybersecurity areas of a global organization – enterprise, product and OT
• An environment where all our own cybersecurity development is done with modern DevOps tools on top of modern serverless hosting
• An environment where a lot of our application counterparties operate in similarly modern DevOps environments and then connect to our SecDevOps pipelines to ensure their security
• Possibility to extend your skills to all the Cybersecurity areas, based on your interest

For additional information, please contact Kari-Pekka Lifländer, Head of Access and Tools, tel. +358 50 486 9123.

Want to join the #PeopleFlow? 

If you are interested in this position, please submit your application including a cover letter and CV via our Careers-site www.kone.com/jobs latest by 2nd of February 2025, however the position will be filled as soon as the suitable candidate is found so be quick!

#LI-IT

#LI-Hybrid

At KONE, we are focused on creating an innovative and collaborative working culture where we value the contribution of each individual. Employee engagement is a key focus area for us and we encourage participation and the sharing of information and ideas. Sustainability is an integral part of our culture and the daily practice. We follow ethical business practices and we seek to develop a culture of working together where co-workers trust and respect each other and good performance is recognized. In being a great place to work, we are proud to offer a range of experiences and opportunities that will help you to achieve your career and personal goals and enable you to live a healthy and balanced life.

Read more on www.kone.com/careers