Senior Security Engineer (a)

TIS is reimagining the world of enterprise payments through a cloud-based platform uniquely designed to help global organizations optimize outbound payments. Corporations, banks, and business vendors leverage TIS to transform how they connect global accounts, collaborate on payment processes, execute outbound payments, analyze cash flow and compliance data, and improve critical outbound payment functions.

The TIS corporate payments technology platform helps businesses improve operational efficiency, lower risk, manage liquidity, gain a strategic advantage – and ultimately achieve enterprise payment optimization.

We’re on a mission to set a new industry standard for business-to-business payments. Since 2010, TIS has been combining its treasury management heritage with cloud architecture and bank connectivity expertise to help global corporations, banks, and consulting firms optimize outbound payment processes.

Working at TIS

• As part of our culture, we pursue new ideas, think big, embrace the impossible [INNOVATION] and we are free to make our own decisions [EMPOWERMENT] by communicating precisely [COLLABORATION] and supporting each other to exceed our high standards [EXCELLENCE];
• We respect both our personal and professional life so they would amplify each other;
• Flat hierarchies and direct contact with the management with regular feedback sessions in a very modern company give you a great opportunity for open collaborations and to be an “entrepreneur within the company” to play a critical role in TIS´s success story;
• Working in our Security Department will let you further develop your skills and develop security monitoring and incident response based on best practices. Your responsibilities will be varied and adjustable based on your interests;
• And last, but not least, we offer great remuneration and social package.

Your Approach

• Cybersecurity needs to be your passion, securing environments and finding new threats is your mission. As security is often a tradeoff between various aspects, you need to be pragmatic, and result driven to get your message delivered while reducing the risk to the company;
• You have skills in influencing others to achieve what is best for the company;
• Your passion drives you to research and learn new things about security and technology every day;
• You prefer automation and CLI over manual tasks and UI;
• You have an interest in mentoring and knowledge sharing across the organization to improve the awareness and knowledge of others;
• You like to work independently while being an active part of the team. You own the tasks and drive these to successful completion.

• Design, implement, and administrate security tools and develop guides/procedures to reduce risks;
• Conduct security reviews, risk analyses, and controls review; collect evidence and artifacts to meet compliance requirements (NIST, SOC, ISO, etc.);
• Analyse security alerts to identify security incidents (SIEM reports-alerts-tickets, CSPM, system, network, security monitoring tools);
• Respond to incidents from endpoint to server systems and perform root cause analysis, work with operations teams on mitigation; recommend and implement tactical and strategical solutions;
• Develop and optimize alert rules in WAF, SIEM, CSPM, and other tools;
• Perform threat hunting, develop tactics and new information sources, threat intelligence feeds, and advance logging standards;
• Automate/run vulnerability monitoring/scanning, alerting, reporting, and escalations. Prioritize vulnerabilities, and suggest mitigation actions, follow up with operational, and delivery teams and report;
• Provide subject matter expertise and plan / execute project work as it relates to the delivery and operations of cybersecurity controls such as endpoint detection and response, data protection, network security, cloud security, data analytics, etc;
• Lead research and evaluation of new security technologies, processes, and methodologies.

• 5+ years of hands-on work experience in cybersecurity;
• Bachelor’s degree in computer science, information systems, engineering, or the equivalent combination of formal education, training, and experience;
• Preferably previous experience from working as SOC Analyst;
• Experience in security incident response, incident analysis, and performing response actions;
• Proven experience in AWS security and/or Azure AD, O365 security;
• Deep knowledge of security tools; such as endpoint protection, vulnerability scanning, and SIEM;
• Proven experience in implementing new SIEM use cases and security analytics skills; creating and maintaining runbooks, meaningful dashboards, and reports;
• Experience in DataDog and/or Sentinel is a benefit;
• Technical security certifications such as CISSP-ISSAP, SSCP, CCSP, CSSLP, OCSP, C|EH, GIAC GSEC, GIAC GCDA, GIAC GDAT are a plus;
• Knowledge of Python and automation (such as Terraform, Ansible, etc);
• Strong knowledge of OS, containers, Kubernetes, networking, and endpoints;
• Experience in WAF is a plus;
• Experience in understanding common cybersecurity attack patterns and how to configure common cybersecurity controls to ensure adequate detection and blocking of attacks;
• Quickly adapt to changing events, reprioritizing efforts, and realigns resources to fulfill large-scale / complex requests;
• Effective time, prioritization, and workload management skills;
• Occasional travel to team events;
• Fluent in the English language;
• Strong analytical abilities, interpersonal skills, and verbal / written communication.

The role can also take place across Poland.

Your contact at TIS

Galina Boneva
HR Generalist

Get in touch!

Tags