CStack Security Engineer (GovTech)

We are seeking a skilled and passionate Security Engineer to join our team. In this role, you will be responsible for ensuring the security, compliance, and resilience of our infrastructure and applications. You will work closely with cross-functional teams to monitor, respond to, and remediate security incidents across our cloud-native ecosystem.

Responsibilities:

Security Monitoring & Incident Response
• Oversee and respond to alerts from AWS GuardDuty, ensuring timely investigation and remediation of incidents.
• Execute security playbooks to handle alerts, and enhance them based on evolving threats and operational insights.
Vulnerability & Patch Management
• Coordinate the identification and application of security patches across GitLab, AWS, and Kubernetes components.
• Ensure that our infrastructure remains resilient to new vulnerabilities through regular patch cycles and proactive risk assessments.
Log Analysis & SIEM Management
• Conduct weekly SIEM reviews to analyze security logs, detect anomalies, and escalate issues as necessary.
• Collaborate with the SecOps team to refine monitoring strategies and alerting thresholds.
Reporting & Documentation
• Prepare monthly SecOps reports summarizing incident trends, response actions, and areas for improvement.
• Maintain and update documentation related to security processes, incident response, and playbooks.
Collaboration & Continuous Improvement
• Work closely with development, operations, and other security teams to integrate security best practices into CI/CD pipelines and cloud deployments.
• Proactively contribute to security strategy discussions, sharing insights and recommendations for enhanced security posture.

Requirements:

• Proven experience managing cloud security, particularly within AWS environments (including GuardDuty, IAM, and other AWS security services).
• Solid background in securing Kubernetes clusters (preferably on EKS) including experience with container security best practices.
• Experience with SIEM tools and log analysis for threat detection.
• Proficiency in applying security patches and vulnerability management across cloud and containerized environments.
• Familiarity with CI/CD pipelines (GitLab or equivalent) and integrating security into DevOps practices.
• Hands-on experience with incident response, including following and refining security playbooks.
• Working knowledge of networking, encryption, and other fundamental security concepts.
• Security certifications for AWS (such as AWS Certified Security – Specialty) and Kubernetes (such as Certified Kubernetes Security Specialist or equivalent) are highly desirable.

Soft skills:

• Excellent problem-solving and analytical abilities with a keen attention to detail.
• Strong communication skills to clearly articulate security issues and collaborate across teams.
• Proactive mindset with the ability to work independently and in a fast-paced environment.
• Adaptability and willingness to continuously learn and apply new security practices.

Any personal data you share with us during the application process will be processed strictly in compliance with applicable data protection laws and our Privacy Notice.