Infrastructure Security Engineer

The world’s most critical--and at-risk--business applications have been neglected for far too long. Onapsis eliminates this blind spot by providing cybersecurity solutions dedicated to business-critical applications. Whether running on-premises, in the cloud, or in a hybrid environment, Onapsis helps nearly 30% of the Forbes Global 100 understand the threats and risks across their SAP and Oracle landscapes. 

• →Perimeter Security Management: Administer, maintain, and optimize firewalls, VPNs, and Web Application Firewalls (WAFs), ensuring secure network access and traffic flow while proactively performing clean-ups and configuration reviews.
• →Endpoint and Server Protection: Support the hardening of endpoints and servers, perform vulnerability assessments, and implement security configurations to reduce risk exposure.
• →Incident Response Support: Assist in detecting, investigating, and containing security incidents. Analyze logs, collect evidence, and contribute to timely mitigation efforts under guidance from senior security staff.
• →Automation & Infrastructure as Code: Develop scripts and Infrastructure-as-Code solutions to automate security tasks, improve efficiency, and enforce consistent security standards.
• →Certificate Management: Assist in the management, monitoring, and renewal of digital certificates (TLS/SSL), ensuring proper implementation, validity, and compliance across infrastructure and applications.
• →Documentation & Reporting: Maintain accurate security documentation, produce reports on security posture, incidents, and configuration changes, ensuring transparency and traceability.
• →Collaboration & Knowledge Sharing: Work closely with cross-functional teams across the organization to promote security awareness and assist with security initiatives.

• 2+ years of experience securing endpoints, servers, directory services and infrastructure, with a comprehensive understanding of security protocols, cryptography, and networking principles.
• Knowledge of firewall and VPN technologies, including administration, rule management, access control, and secure remote connectivity concepts.
• Solid understanding of network and security protocols, including TCP/IP, SSL/TLS, IPSec, DNS, and routing concepts.
• Skilled in programming and scripting languages such as Python, PowerShell, and Bash, with the ability to create custom automation tools and security scripts.
• Familiarity with Infrastructure as Code (IaC) concepts to support automated, scalable, and reliable infrastructure management.
• Understanding of digital certificates, PKI concepts, and TLS/SSL, including certificate lifecycle management, trust chains, and common misconfiguration risks.
• English proficiency to effectively communicate in a global, cross-functional team.
• Strong analytical thinking, attention to detail, and eagerness to learn in a dynamic security environment.

• Practical experience working in an agile environment, with the ability to adapt to dynamic priorities and deliver results in fast-paced settings.
• Knowledge of information security standards such as ISO 27001, NIST 800-53, and CIS Critical Security Controls, with a strong understanding of related principles for risk identification and security analysis.
• Experience with cloud security, including securing and managing public cloud platforms such as AWS, GCP, or Azure, with a focus on implementing strong, cloud-specific security controls
• Experience with identifying and resolving network-related issues.
• Relevant certifications in security, networking, and cloud environments.

#LI-AC1

#Remote