Security Engineer (remote)

  • Percona
  • Ankara, Türkiye
  • 16 May, 2023
Full time

Job Description

As a Security Engineer, you’ll be working in a completely dynamic environment, working with colleagues from all over the world, you’ll need to be able to adapt rapidly and coordinate your efforts with the rest of the team. You’ll be expected to be able to write scripts, and Python knowledge will be a strong advantage.

You’ll be working with NIST, PCI, HIPAA, ISO27001, and ITIL standards, liaising and working with Percona’s compliance team to provide technical guidance where applicable or escalate as necessary. You’ll also be working within the ITSec team closely with Percona’s IT to deliver projects which help to resolve identified business security needs.

You’ll be able to communicate clearly to both technical and non-technical users, communicating the identified issue and the potential impact this may pose to Percona and what solutions can be deployed to mitigate the issue.

Successful candidates will move on to a CTF-style technical assessment, which has questions to test knowledge of compliance standards and deep technical understanding of OSS protocols.


What You Will Do

  • Work with a technology-agnostic user base to provide guidance and respond to inquiries
  • Security alert and incident response as applicable
  • Participate in forensic analysis and reporting as applicable
  • Log reviews and reporting
  • Authoring alert criteria where applicable
  • Configuration management (Ansible) 
  • Exploring OSS (And commercial products) to assess suitability for a proposed solution where applicable.
  • Internal auditing and pen-testing
  • Participate in RedTeam & BlueTeam exercises
  • Identifying potential threats relative to Percona’s infrastructure
  • Technical analysis of threats and security product issues reported by Percona staff
  • Assess, coordinate, and remediate known threats to Percona’s infrastructure and/or staff
  • Write technical documentation on the Security controls you have worked upon or participated with
  • Able to work with various APIs to derive information, or provide required functionality such as automation
  • Ability to work in an OS-agnostic user support role, supporting Security and Compliance software stack requirements.
  • Integrate closely with our Service Desk team as an L1 escalation point to provide support and guidance where required.
  • Knowledge of best-practice configuration and assessment for SSH, TLS 
  • Unassisted assessment of software, vulnerability, and risks.
  • Unassisted review of logs and assessment of issues.
  • Familiarity with threat modeling processes. 
  • Familiarity with Software Development Lifecycle processes. 


What You Have Done

  • 5+ years of successful Linux systems administration
  • Role-relevant industry certification.
  • Must be able to develop in Bash, Python, or Golang
  • Familiarity with Ansible (or similar) configuration management
  • Experience with the use of Git, Keybase, PGP, TLS, SSH
  • Familiarity with ITIL, ISO, CIS, NIST, HIPAA, PCI standards
  • Experience with packet capture and packet analysis
  • Containerisation tools such as Docker, Kubernetes, Openshift, LXC, etc.
  • Excellent English communication skills both verbally and written (must be able to communicate with technical and non-technical individuals clearly)  
  • Working knowledge of TCP/IP, UDP, Multicast, UPNP
  • Working knowledge for malware analysis on Linux, OSx and Windows platforms
  • Working knowledge of known threats current and past
  • Experience performing internal audit/penetration tests to PTES or other standards.
  • Working knowledge of OWASP
  • Working knowledge of GDPR and privacy by design
  • Working knowledge of IDS/IPS OSS technologies


What Will Make You Stand Out

  • Go, C, C++, Linux API familiarity
  • Risk Assessment experience a benefit (would need to know the bow-tie methodology)
  • Industry certifications such as OSCP, CREST, CompTIA security+, CISSP, SANS GIAC an advantage
  • Industry tools experience such as Wireshark, Burpsuite, faraday, vuls, openvas, nessus, nmap, masscan an advantage
Percona is a highly respected thought leader in the global open-source community. Our mission is to Keep Open Source Open. We provide services and software for MySQL, MongoDB, PostgreSQL and MariaDB.

Percona is remote-only and globally dispersed – we have colleagues in more than 50 countries! We offer a collaborative, highly-engaged culture where your ideas are welcome and your voice is heard.

Our staff receives generous benefits including flexible work hours and paid time off, all your equipment for your remote office, funds for career development (external training, certifications, conferences) and the opportunity to participate in an equity incentive plan.

If you love the idea of working with a high-growth tech company that is one of the best in the business and known globally as a go-to in the open-source database space, let’s talk! 

Connect with us and stay up to date on our latest news and developments by following us on LinkedIn and Twitter. We look forward to connecting with you!