Zircontech

Information Security Engineer
Description
SUKU is seeking an Information Security Engineer specializing in web application security and
hands-on security architecture for our agile blockchain startup. You'll work closely with our
CTO and tech team to establish and uphold security standards across various technologies,
contributing to the development of mobile apps, web apps, and blockchain solutions. This
role is pivotal in implementing and managing advanced security measures to protect our
organization's infrastructure from evolving cyber threats.
Responsibilities
• Web Application Security: Assess and enhance the security posture of web
applications by leading the design and implementation of security enhancements,
architectural reviews, and security best practices.
• Financial Payment Security: Spearhead the implementation of security measures for
the latest financial technology. Support our development team implementing
payment applications, money transferring services, and cryptocurrency apps.
• Security Architecture: Design and implement robust security architectures for new
and existing systems, ensuring alignment with industry standards, regulatory
requirements, and security frameworks.
• Security Information and Event Management (SIEM): Deploy, configure, and
manage SIEM solutions to monitor and analyze security events across the enterprise.
Develop and fine-tune correlation rules, alerts, and dashboards to detect and
respond to security incidents effectively.
• Logging and Monitoring: Establish comprehensive logging strategies for critical
systems and applications. Ensure logs are collected, aggregated, and analyzed to
identify anomalies and potential security breaches.
• Vulnerability Management: Conduct regular vulnerability assessments and
penetration tests on networks, systems, and applications. Analyze findings, prioritize
risks, and collaborate with IT teams to remediate vulnerabilities promptly.
• Incident Response: Lead incident response activities, including investigation,
containment, eradication, and recovery. Develop and maintain incident response
playbooks and conduct post-incident analyses to improve future responses.
• Compliance and Auditing: Support internal and external audits by providing
evidence of compliance with security policies and frameworks. Participate in the
development and enforcement of security policies, procedures, and standards.
Requirements
• Professional Experience: Minimum of 5 years of hands-on experience in information
security engineering, with a focus on SIEM management, vulnerability assessments,
and incident response.
• Technical Proficiency: In-depth knowledge of security technologies such as firewalls,
intrusion detection/prevention systems, endpoint protection, and encryption
methods. Proficiency in scripting languages (e.g., Python) for automation purposes.
• Hands-on experience with industry-standard SIEM platforms such as Splunk,
IBM QRadar, or Elastic Stack (ELK).
• Familiarity with IAM frameworks, e.g. Okta, Auth0
• Hand-on experience with key management tools like AWS KMS, HashiCorp Vault
• Financial Background: Knowledge of banking and financial applications, including
but not limited to online banking software, money transmitter services, etc.
• Regulatory Knowledge: Familiarity with compliance frameworks and standards such
as ISO 27001, NIST, GDPR, and HIPAA.
Miscellaneous
• Location: Remote

• We offer an annual salary of ~ $80k for this role (this is based on experience, assuming the candidate matches all of our criteria)
• Hiring process is very fast, 2 interviews, hiring immediately
• 40 hours per week, flexible PTO
• This is a long term position after an initial trial period of 3 months
• Hands-on security expertise is mandatory. We want someone who has actually done these things previously, ideally with a financial security background.
  "Web Application Security" . Our applications are written in TypeScript and require web application security assessments and scanning.
• Both have experience in the financial industry and have secured infrastructure and servers. However, there expertise is mainly on the system / server side, not on the application layer.
• I asked both of them how they would scan and secure a web application environment and their answers were not satisfactory for this type of role.
  • They could not talk about common vulnerabilities for web applications, e.g. OWASP Top 10
  • They were not able to explain the difference between XSS and CSRF, which I consider very basic knowledge in the web application security space
  • Neither of them has any knowledge about blockchain / crypto transactions.
• I'm afraid we might into the same issue with Enrique, after looking at his profile.

To summarize, we need someone who knows how to secure financial web applications, this includes knowledge about web vulnerabilities and financial transactions, ideally crypto transactions.
I realize that the profile I shared may not put enough emphasis on this.
Santiago is a very well experienced security engineer with a lot of knowledge on the infrastructure side. My critique was mainly around:

• He couldn't entirely explain JWT security mechanisms in depth, this is crucial for authentication and a core part of our security architecture.
• I asked him about recent hacks in the crypto space and he couldn't name a single one. There've been recent hacks with > $1B losses just in the past couple of weeks, e.g. ByBit, I consider awareness of those things in the industry crucial for this role
• Lack of blockchain knowledge. I asked how an ERC20 transfer works. This is fundamental knowledge in the crypto space and very important when it comes to securing funds.

Now, I realize this is a very unique skillset that requires a mix of security, web application, and blockchain/crypto knowledge but my questions are basic. We need someone with this mix to make sure our application is secure. This is crucial to our business, we cannot compromise when it comes to security.