Senior Systems Engineer - DevOps/Sec - REMOTE - 75 days initial - UN-agency-client - EN-speaking
Posted on Aug 25, 2021 by infom consulting GmbH
We are looking for one "Senior Systems Engineer - DevOps/Sec" to start ASAP an initial contract until 31DEC2021 (extensions possible) for an international Org' -client in ROME, where 100% REMOTE work is possible. Possibility of extension based on performance and budget availability. English speaking environment. Our client is an international organisation in Rome and a great reference in any CV!
We are looking for a Senior Systems Engineer - DevOps/Sec with experience both in software engineering and in systems administration, to work as a generalist and keep UN-client applications up and running smoothly and efficiently.
This is a hands-on role that requires high experience in administration of systems and infrastructures as well as strong capabilities in managing technical resources, external vendors and other ICT specialists.
1. Software, Systems Maintenance and Administration
- Active monitoring: daily review of system telemetry and logs, using existing monitoring systems, log analysers, active and passive health checkers. Receive, process and react on notifications (e-mail, SMS, phone calls) triggered by monitoring systems and escalation procedures for alarms of various severities
- Proactive monitoring: identify risks in advance by evaluating trends from monitoring systems; investigating anomaly detection data from log analysers; and monitoring software releases and relevant security feeds.
- Plan software deployment, configuration and infrastructure changes between the environments jointly with UN-client Technical team and Vendors, using both systems automation frameworks and Legacy manual approaches.
- Plan and lead the testing of the Disaster Recovery environment in concert with the Technical team.
- Support, analyse, identify and manage resolution of issues in the UN-client software and the underlying infrastructure.
- Monitor, manage and address vulnerabilities and cyber security issues identified in Operating System and Enterprise Products in use as per the released security bulletins. It is required that enterprise products are kept always at the latest patch level available of the major version in use. UN-client uses CVSSv3 environmental scores for assessing the severity of the vulnerability.
- Support the information collection from the running software and infrastructure, and liaise with external auditing companies and internal auditors, in periodic exercises that verify internal controls are properly working. The validation involves extracting evidence of controls in the form of logs and systems configurations.
- Maintain the operation manuals, infrastructure and architecture documentation, application code, infrastructure automation source code and deployment procedures. Overall, supervise the execution and implement updates to the infrastructure as code mechanisms implemented at UN-client.
2. Patch/Vulnerability Management
3. Support to Auditing and Documentation
4. Team Lead, Lead, plan and control the work of other technical resources (internal and external) ensuring the effective management, appropriate sourcing and efficient use of time and budget.
1. Systems Administration
- The incumbent must have at least 7 years of experience with UNIX troubleshooting and management skills, as UNIX is the unifying thread across the technologies in use at UN-client. Such knowledge of UNIX systems and principles is fundamental to properly control, manage, troubleshoot, monitor and administer the systems.
- Excellent sys-admin skills, including VM and container management/deployment in Linux and Windows environment, with experience on latest and emerging technologies and trends
- Hands-on experience with managing services from leading cloud providers including install, configure, automate, and monitor various Cloud Services (IaaS, PaaS, and SaaS)
- Given that most of the Infrastructure is administered and changed through systems automation, it is important that incumbent have a solid understanding of systems automation and is ready to apply changes to the infrastructure by changing the automation code and configuration and re-running the automations against a live environment. Furthermore, the incumbent must have full knowledge of CI/CD to manage integration and deployment pipelines for applications.
- The incumbent must have the knowledge and competencies to fully support and manage (configuration and administration) the software and infrastructure and must be proficient in the following technologies and have at least 5 years' experience in the following areas:
- UNIX Systems (CentOS and OpenSuSE)
- IBM technologies such as ISAM, WAS, BAW, IGI, ISDS, QRadar
- HCL Portal and Content Manager
- Oracle Database
- ElasticSearch, LogStash and Kibana
- OneSpan Authentication Server
The incumbent is expected to have at least 5 years of experience of:
- Test-Driven Development and strong skills in creating and validating unit, functional and integration tests on existing code bases;
- Strong troubleshooting and debugging skills, being accustomed to use the systems debuggers opposite to print()-based debugging;
- Knowledge of the UNIX operating system interfaces and tools, that are as well an important source of debugging and troubleshooting information;
- Secure programming skills: knowledge of ESAPI, knowledge of OWASP and aptitude in writing secure and maintainable code.
- Comfortably working on foreign code bases, proposing improvements and re-factorings to make it more manageable, maintainable and secure.
- DevOps/Automation tools and familiarity with large-scale ICT architectures and automated deployment techniques in virtual environments; experience in continuous integration and development tools such as Jenkins; JIRA; Nexus; GitHub Actions; Maven; Gradle; and CI/CD pipelines such as Jenkins, GitHub Actions Artifactory, Ansible, Terraform and Packer. Ability to set up DevOps infrastructure from scratch.
- Knowledge of Agile delivery frameworks
- Proficiency in the following technologies and have experience in the following areas is desired:
- Recent Java Enterprise Edition versions
- VAADIN framework
- WebSphere Application Server framework
- IBM Business Automation Workflow process definitions
- HCL Portal framework and Content Manager
- Oracle SQL & PL/SQL
- Jasper Reports
- Ruby on Rails
3. Cyber Security and Networking
The incumbent is expected to have:
- Solid knowledge of Secure System and Infrastructure design and principles; knowledge of information security attacks and defenses; at least 3 years of experience in security testing and hardening web applications and underlying application and network infrastructures;
- Clear understanding of secure system architecture and OWASP base security principles.
- Knowledge of security tools (Kali, Burp, Wireshark, Metasploit, nmap, ) and monitoring, including but not limited to - Kibana, Splunk, Nagios.
- Experience in reviewing the security measures in place, follow up in pentesting with third party suppliers on the identified findings and propose resolutions, mitigations and improvements to the security framework
- Experience in managing and supporting applications and infrastructures integrated with a 2-Factor Authentication system.
- Significant experience in SIEM management and planning and deployment of monitoring infrastructure;
- Essential knowledge of networking protocols, networking architectures and security principles, including IP Networking, VPNs, DNS, load balancing and Firewalling.
- Excellent written and verbal communication skills in English essential.
AWARD & OTHERS
- The applicants attention is drawn to the important role that the curriculum vitae plays in the evaluation. Curriculum vitae shall illustrate the specific skills relevant to this request.
- We would like to receive CVs of suitable candidates together with pricing quotations, based on a daily net rate including travel costs for the services described for off-site work.
infom consulting is an owner-managed business and consulting firm in Germany. The company supports large corporations and larger SMEs across Europe. Our IT experts are realising projects for the European Institutions, United Nations agencies, International Organisations and multinational companies across the EU.