Infrastructure Security Engineer

This is a fully remote position, open to applicants in Nigeria.

📋 Description

• Configuration, Review & Optimization of Security Solutions

• Within the first 30 days, the Infrastructure Security Engineer should be capable of configuring various security solutions, including network firewalls, Endpoint Detection & Response Solutions, Web Application Firewalls, Cloud Native Application Protection Platforms, Security Incident and Event Management, Security Orchestration Automation and Response Solutions, Identity Provider Solutions, and Threat Management Solutions, among others.

• By the end of 90 days, the Infrastructure Security Engineer is expected to conduct reviews and optimizations on various security solutions in accordance with established policies.

• Within 180 days, the Infrastructure Security Engineer should review existing security baselines and ensure all security and technology solutions align with these baselines across all environments (cloud, endpoints, network).

• Audits & Compliance Reviews

• By 90 days, the Infrastructure Security Engineer should have a comprehensive understanding of our current infrastructure security systems and technical controls (including their functionality, effectiveness, and any gaps) to provide valuable insights during audits and compliance reviews.

• Within 180 days, the Infrastructure Security Engineer should be prepared to assume roles within our Information Systems Management framework.

• Within 180 days, the Infrastructure Security Engineer should collaborate with Governance Risk & Compliance to swiftly and effectively address audit findings.

• Access Control Management & Optimization

• Within the first 30 days, the Infrastructure Security Engineer should grasp our Access Control Policies, Processes, and Technologies.

• In 30 days, the Infrastructure Security Engineer should take charge of access provisioning, decommissioning, and optimizing access management.

• By 90 days, the Infrastructure Security Engineer should have conducted a review of the existing access management system, identify gaps, and recommend enhancements.

• Vulnerability Management

• By 60 days, establish a consistent vulnerability management process across infrastructure and endpoints.

• Within 90 days, ensure that all critical and high vulnerabilities have clearly defined remediation Service Level Agreements (SLAs).

• By 180 days, reduce the number of monthly recurring unremediated vulnerabilities by 40%.

• Provide clear, actionable vulnerability remediation guidance to Engineering and DevOps teams.

• Security Monitoring, Detection & Response

• Within 30 days, review and familiarize with the existing SIEM architecture.

• Within 90 days, identify and document areas for improvement in our security event monitoring.

• By 180 days, begin implementing improvements to log aggregation, security event analysis, and alerting.

• Within 90 days, identify new playbooks for automated incident response in the SOAR and document recommendations.

• Within 12 months, implement playbooks for automated incident response recommendations in the SOAR.

• Continuously enhance detection coverage and incident response automation across cloud, endpoints, and network layers.

• Secure Cloud & Network

• Within 30 days, review and understand services and configurations across multi-cloud platforms.

• By 60 days, be able to administer security policies and services across multi-cloud environments.

• Within 60 days, collaborate with relevant Engineering teams to ensure security is integrated into infrastructure design and configuration from the outset.

• Security Operations & Automation

• In the first 30 days, review existing automation, test them, and identify areas for optimization or improvement.

• Within 180 days, automate at least 30% of repetitive security operations tasks.

• Continuously assess and implement new tools that enhance detection, prevention, or efficiency.

• Constantly improve security policies and enforcement mechanisms.

• Cross-Functional Security Enablement

• Work collaboratively with Engineering, DevOps, and Product teams to integrate security into workflows.

• Provide hands-on guidance during system design, deployments, and incident response.

• Advocate for strong security practices throughout the organization rather than merely enforcing them.

⛳️ Requirements

• Proven experience securing cloud-native environments in a real-world, high-scale setup.

• Ability to navigate from identifying a problem to implementing a solution independently.

• Strong hands-on experience with SIEM, EDR, firewalls, WAFs, vulnerability management tools, networking concepts (routing, NAT, segmentation, access control), cloud security (IAM, logging, monitoring, secure configurations).

• Capability to deconstruct complex systems into simpler components and understand their construction, potential failures, and necessary fixes.

• Proactive and detail-oriented mindset.

• Ability to collaborate with engineers and influence decisions without adopting an authoritarian role.

• Passion for cybersecurity and eagerness to learn about emerging technologies.

• Commitment to continuous personal development and an active pursuit of the latest vulnerabilities, attack vectors, and security solutions.

• Nice-to-Haves:

• Experience in implementing security solutions and driving secure processes in fintech, blockchain, or financial systems.

• Proficiency in writing scripts and automating workflows using technologies like Python, Ansible, and Terraform.

• Familiarity with implementing DevSecOps processes and technologies, including access control, key management, and policy gates.

• Understanding of blockchain security concepts.

• Knowledge of AI, its associated risks, and AI security solutions.

• Relevant certifications such as CCSP, CEH, CCNP, PCNSE, Security+, and AWS.

🏝️ Benefits

• Fair Pay + Ownership: Competitive salary based on skills and experience, with annual merit-based reviews to ensure your growth is visible and rewarded.

• Growth That’s Real: Annual performance reviews and clear promotion cycles; recognition for outstanding work, from shoutouts to milestone rewards.

• Personal development fund (courses, books, conferences) and study leave to foster continuous learning.

• Work That Works For You: Fully remote forever with flexible working hours.

• Time Off That Respects Life: Unlimited paid time off plus Nigerian national holidays; parental, sick, compassionate, and life event leave; we prioritize your well-being.

• Connection That Feels Real: Quarterly remote team hangouts and annual offsite events; interest-based communities (SIGs).

• Regular engagement surveys to ensure your voice is heard.

• Health and life insurance coverage in select locations.