Information Security Engineer
Diemen (Amsterdam, NL)
Information Security & Compliance
6 January 2020
Wanted: Information Security Engineer excited to shape the future of mobility!
We love cities. And we’re doing something to make our cities healthier, cleaner and more liveable. How? By providing parking solutions that are simple, quick and effortless. Today, PARK NOW is the world’s leading provider of on-demand mobile payments for on- and off-street parking. We make life easier for more than 17,000,000 drivers in over 700 cities in Europe.
About the role/team
At PARK NOW, we take privacy and data security very seriously. We are committed to protect and secure all our customer and employee financial and personal data. We are ISO9001, ISO27001 and PCI DSS certified. Plus, you will have the commitment and support from our board for all security-related matters.
Our multi-national InfoSec team is looking for an InfoSec Engineer. As the InfoSec engineer you are tasked with the monumental role of protecting the networks and computer systems of PARK NOW from any security threats or attacks. Your tasks will include designing, building and operating secure systems; working on operational data centers and our cloud environment; analysing and responding to security incidents. You will help the organization understand advanced cyber threats and help create strategies to protect those environments. These strategies include defending, monitoring and protecting sensitive data and systems from intrusions.
You will get InfoSec queries from all areas of business and therefore need to be approachable and a good communicator. Together with our team, you will need to develop training programmes and continuously grow security awareness within the organization.
- Execute our PCI DSS and ISO27001 activity planner and daily, weekly, monthly, quarterly and annual tasks
- PCI DSS Monthly scans for the NL & UK and remediation action
- Check security advisories and alerts and keep operations and infrastructure up to date
- Schedule penetration tests for the NL and UK and action remediation work
- Provide security input for change management projects
- Assist with the implementation of security-related measures and standards within the Security and Compliance team
- Malware, intrusion detection logging and alerts
- All security-related logging and monitoring of networks
- Assisting with coordinating external audits such as evidence collection, time management of stakeholders and communication with third-party assessors, etc.
- Assisting in risk assessments
- Provide employee education/awareness training, answer queries and ad hoc support in Information Security
- Must be a People person!
- Able to prioritise, manage and track multiple activities and tasks;
- Excellent communication skills and the ability to articulate technical concepts in a straightforward way to non-technical staff
- Self-motivated – personal drive and enthusiasm to continually improve and provide the best in all situations and able to readily embrace change.
- Enthusiastic approach and “can-do” attitude;
- Resilient, copes well under heavy workloads;
- Flexible approach to work;
- Problem solving and resolution
- Knowledge of in-depth network infrastructure and the ability to analyse and understand cybersecurity threats and vulnerabilities
- Ability to analyse and understand cybersecurity threats and vulnerabilities. Be able to communicate and alert other technical and non-technical departments.
- Knowledge of network infrastructure and basic levels of the application layer. Good communication of scheduling and remediation of findings.
- Knowledge of cybersecurity infrastructure with the ability to communicate with other teams
- Understanding of logging and monitoring systems (SIEM) with the ability to analyse alerts and communicate them to infrastructure;
- Understanding of authentication systems and databases and the ability to communicate to technical terms to a non-technical audience.
- Ability to build strong relationships with infrastructure and software development teams
- Work collaboratively with the wider information security team and other groups to ensure that all infrastructure and information security controls meet internal and external compliance requirements.
- Experience/knowledge of PCI-DSS & ISO 27001 Framework
- Certified or in the progress of becoming CISSP certified
- CEH certified
Want to be part of a dynamic fast-growing scale-up and global, urban mobility leader? Yes! Want to make an impact? Yes!
We offer a lot of autonomy and room to develop your talents. We know our people are at their best when they enjoy a good work-life balance, which we fully support. You can expect great employment benefits, including a mobility plan, weekly bootcamps, monthly massages, lunch, Friday beers and snacks, daily fresh fruit, fun team events and much more!
PARK NOW. We are driven to improve. Come join the ride!