Stratio is the World’s Leading Real-time Predictive Fleet Maintenance Platform. The company's proprietary technology combines large-scale processing with the latest machine learning techniques to prevent hundreds of thousands of breakdowns from happening every day, thus saving millions of people from the hassle of public transportation delays, postponed deliveries, or late arrival of essential goods. Stratio’s platform enables zero downtime for 5 of the 10 largest transportation companies in the world and, in 2021, raised an investment of $12 million to boost leadership in predictive fleet maintenance. Fleet operators in Europe, North America, Asia-pacific, and Latin America trust Stratio’s technology to fully leverage the data under the hood to safeguard operations, and keep customers happy. Stratio’s technology has enabled transportation for 1.3 billion people so far.
A Security Engineer will be responsible to make all our eco-system more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data.
- Audit applications and systems, through penetration testing and vulnerability management;
- Propose remediation measures and help with their adoption;
- Provide security guidance through the development lifecycle and help maintain and improve our Secure Software Development Life Cycle;
- Be a security subject-matter expert (SME) and help development teams with their security needs;
- Perform threat modelling (e.g., using STRIDE);
- Provide internal security training sessions, focused in the engineering users;
- Develop tools to automate security tasks;
- Implement mechanisms to identify security threats (IOCs and TTPs) in the environment;
- Monitor alerts and escalate issues as needed;
- Work in conjunction with other teams in incident response activities;
- Develop security standards and practices;
- Recommend security enhancements to existing processes and tools;
- Develop, maintain, configure, and troubleshoot (as needed, e.g.) SIEM tools;
- Collaborate with key stakeholders to gather security requirements and ensure implementation;
- Report findings to management;
- Provide operational support of various security technologies;
- Work closely with all teams to improve the overall security posture of Stratio.
- Proven work experience as a system security engineer or information security engineer;
- Experience in building and maintaining security systems;
- Detailed technical knowledge of database and operating system security;
- Knowledge in cryptographic concepts;
- Understanding of OWASP Top 10 security flaws;
- Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc;
- Experience with network security and networking technologies and with system, security, and network monitoring tools;
- Thorough understanding of the latest security principles, techniques, and protocols;
- Familiarity with web-related technologies (Web applications, Web Services, Service-Oriented Architectures) and of network/web related protocols;
- Degree in Computer Science or related field;
- Security-related certification is a plus;
- Fluency in English.
- Coding experience in one or more general-purpose languages (e.g., Java, Ruby, Python);
- Linux/Unix proficiency;
- Experience with Infrastructure as Code (Terraform and / or Ansible preferred);
- Experience with common infrastructure cloud providers;
- Experience in conducting security tests in web and mobile applications;
- Experience with malware detection and analysis;
- Experience with forensic analysis;
- Experience with SIEM tools;
- Experience with SAST / IAST / DAST tools;
- Strong understanding of cybersecurity standards and frameworks, e.g., ISO27001, NIST, CIS, OWASP, SANS;
- Certifications such as OSCP, CISM, CISSP, GSEC.
What we offer:
- Health Insurance;
- Fringe Benefits Policy;
- Flexible Work Hours - adjust your schedule to your needs;
- Work Setup - remote, hybrid, onsite - if your job can be done remotely, and you prefer to, you’re free to choose;
- Hardware and software for a full remote setup;
- Monthly All-Hands;
- Quarterly Events to discuss Strategy;
- Autonomy and Ownership Culture;
- Continuous feedback culture;
- Innovation Mindset;
- Career Acceleration.
- Remote / Hybrid / Lisbon / Coimbra
We want inspiring individuals in our teams, where age, race, gender, sexual orientation, politics and religion do not matter, and seek to create a tolerant and open space for everyone. We thrive to provide an inclusive and trustworthy environment.
You can find our Culture Manifesto and more team information here.
Take the road with us!