This job post is closed and the position is probably filled. Please do not apply. Work for Nansen and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 403 9 months ago
\nNansen is a blockchain analytics platform that enriches on-chain data with millions of wallets labels. Crypto investors use Nansen to discover opportunities, perform due diligence and defend their portfolios with our real-time dashboards and alerts.About the role\n\nWe're hiring a Security Engineer (Vulnerability Management) to join our cybersecurity team. Your main responsibility will be to assess our applications, systems, and networks to identify any deviations from acceptable configurations, or policies. Additionally, you will detect attacks against our applications, networks, and hosts by contributing to the implementation of detective IT systems.\n\nYour goal will be to measure the effectiveness of security measures against both known and unknown vulnerabilities.\n\nCybersecurity is key in all of our products and internal processes, as such, you will work closely with various stakeholders to ensure the security and integrity of our systems and networks. Your contributions will have a massive impact on the organisation. \n\nYou can be located anywhere in Europe, as our work is 100% online. The position is full-time.\nResponsibilities\n\n\nAnalyse organisations cyber defense policies and configurations and evaluate compliance with regulations and organisational directives.\n\nConduct and/or support authorised penetration testing on enterprise network assets.\n\nPerform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, supporting infrastructure, and applications).\n\nMake recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).\n\nPrepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.\n\nDevelop new or identify existing awareness and training materials that are appropriate for intended audiences.\n\nDevelop threat model based on customer interviews and requirements.\n\nWork with stakeholders to resolve computer security incidents and vulnerability compliance.\n\n\n\nAre you the right person for this role?\n\nThe ideal candidate for us has experience in the majority of the following areas (we are not expecting everything!)\n\n\nKnowledge of risk management processes (e.g., methods for assessing and mitigating risk). \n\nKnowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. For example: GDPR.\n\nKnowledge of cyber threats and vulnerabilities. \n\nKnowledge of cybersecurity and privacy principles and organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). \n\nKnowledge of programming language structures and logic.\n\nKnowledge of system administration, network, application, and operating system hardening techniques.\n\nExperience in conducting vulnerability scans and recognising vulnerabilities in systems.\n\nExperience in assessing the robustness of security systems and designs.\n\nExperience in the use of penetration testing tools and techniques.\n\nExperience to apply cybersecurity and privacy principles to organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).\n\nExperience in testing and evaluating tools for implementation.\n\nExperience in prioritising work and making risk-based decisions, including remediation recommendations.\n\nSkill in effectively communicating with technical and non-technical stakeholders, both orally and in writing.\n\nSkill in working with independence and influencing stakeholders without formal authority.\n\nAbility to apply techniques or tooling for detecting application, host and network-based intrusions using intrusion detection technologies.\n\n\n\n\nThe following are nice-to-haves:\n\n\nAbility to detect attacks against applications, networks and hosts and react accordingly.\n\nAbility to employ information technology (IT) systems and digital storage media to solve, investigate, and/or prosecute cybercrimes and fraud committed against people and property.\n\nExperience with Ethereum and the crypto markets (either professionally or as a hobby\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Crypto, Ethereum, React, Testing and Engineer jobs that are similar:\n\n
$60,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nEurope, Remote
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.