Application & Platform Security Manager

Job Location

Utrecht - Netherlands

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Working at Mercell

At Mercell, we're on a mission to revolutionise public procurement, making it accessible and effortless for everyone involved. Imagine a world where public buyers and visionary suppliers come together seamlessly to make a great deal easier and shape the future. That's what we're all about.

With a dynamic culture built on continuous growth, trust and collaboration, Mercell offers an environment where your talents can thrive. You will be part of an international environment with ambitious and dedicated colleagues who are passionate about what they do and supported to be themselves.

Your Mission

Mercell's Trust & Security team is seeking someone to help expand the security operations area. This role will focus on strengthening the existing security landscape while leading new greenfield initiatives and projects such as vulnerability management and CIS Benchmarking, as well as refining the security aspects of the existing SDLC in collaboration with the Infrastructure and Development teams.

Core Responsibilities

  • Vulnerability Management and Bug Bounty Program:
    • Lead the Vulnerability Management program by identifying, prioritising and remediating security vulnerabilities. Manage the Bug Bounty Program, coordinating with external security researchers to uncover vulnerabilities and strengthen the platform's resilience.
  • Security Strategy:
    • Help design Mercell's Security Architecture for Infrastructure and Development.
    • Integrate security-by-design principles across the Software Development Lifecycle (SDLC) and platform. Embed security controls within development processes, aligning with OWASP, CIS and NIST standards.
  • Access Control Program Development:
    • Design and implement a robust access control program, managing and monitoring user permissions across the platform to maintain a least-privilege access model.
  • Business Continuity Planning/Disaster Recovery and Backup Strategy:
    • Design and implement BCP and DR processes for infrastructure and platform stability. Develop and maintain a backup strategy to ensure reliable data recovery, aligning with compliance and business requirements.
  • Audit and Compliance Support:
    • Act as the primary contact for audit and compliance tasks, overseeing evidence collection and ensuring alignment and adherence to CIS 1.2 benchmarks and internal security controls.
  • Incident Management:
    • Contribute to the deployment and management of SIEM.
    • Assist in maturing the Incident Response process with regard to application and platform, including the introduction of Intrusion Detection and Prevention Systems (IDS/IPS) to ensure rapid and effective responses to security incidents.

Required Experience

  • Vulnerability Management and Penetration Testing: Expertise in identifying, assessing, remediating and mitigating vulnerabilities.
  • Business Continuity and Disaster Recovery (BCP/DR): Experience in designing, implementing and optimizing BCP and DR strategies to ensure operational resilience.
  • Software Development Lifecycle (SDLC) and CI/CD Pipelines: Demonstrated success in advancing security SDLC processes and enhancing CI/CD pipelines.
  • Collaborative Agile Development: Proven ability to work effectively with cross-functional teams within a structured Agile framework.
  • Program Increment (PI) Planning: Skilled in participating in PI planning to align teams with security objectives.

Preferred Experience

  • Proficiency in cloud security and serverless infrastructure (AWS).
  • Strong understanding of compliance frameworks (ISO 27001, NIST, SOC 2, C5).
  • Advanced knowledge of threat modeling and risk assessment.
  • Expertise in automation tools (Terraform, Jenkins).
  • Effective stakeholder communication and reporting skills.

Start date: As soon as possible.
Duration: Full time
Workplace type: Hybrid remote
Location: Utrecht, Netherlands
Application Deadline: 10.01.2024. However, do not wait to submit your application; we will read applications and talk to potential candidates as we receive them.

What we offer

As a fast-growing technology company, we are committed to taking care of our employees through initiatives such as hybrid work to support work-life balance, health and insurance plans (may differ per country/office), pension plans, paid parental leave, social happenings and competitive salary packages. Please see to get more insights on what to expect of perks, benefits and culture when joining Mercell.

Has this sparked your interest?

Then we can't wait to have you join our mission and look forward to receiving your application!

If you have questions for this position, we are happy to chat with you. Please reach out to Charles Wilson,
Director of Trust and Security
Email:

We may carry out background checks on applicants to verify information that appears on CVs and other documentation. This background check is carried out by an external party and is not carried out without the consent of the applicant. Current applicants will receive further information about this.

Employment Type

Full Time
