Senior SecOps Engineer

at  Kontaktio

MISSION STATEMENT:

We help businesses deploy resources and processes efficiently and make their customers and staff feel seen and valued.
Kontakt.io is a leader in IoT. Our mission is to simplify the delivery of location and sensor data insights. We create the data foundation that drastically improves and automates decision-making in resource planning, operations, and customer experience workflows.
Our portfolio of complete IoT and location solutions combines hardware, software, and cloud to bring real-time visibility, analytics, and AI to operations. Today, we serve over 2,000 customers across diverse sizes and industries, from transportation and logistics to manufacturing, healthcare, airports, governments, and public spaces. They use Kontakt.io to reduce emergency incident time, decrease asset search times, introduce activity-based-costing, automate manual processes, digitize physical order traceability, or prevent machine downtimes.
As the first Senior Security Operations (SecOps) Engineer in the organization, you will play a pivotal role in building and leading the company’s security operations from the ground up. Your primary responsibility will be to design, implement, and manage a comprehensive security operations framework that ensures the protection of the Kontakt.io systems, infrastructure, and data. This is a high-impact position, requiring hands-on technical expertise, strategic thinking, and the ability to collaborate across multiple departments to establish a security-first culture. You will act as the primary security leader in Kontakt.io, working closely with engineering teams to identify security risks, mitigate threats, and create long-term strategies to protect the organization from cyber threats.

• Conduct a comprehensive risk assessment to identify vulnerabilities, gaps, and key security challenges in the current infrastructure.
• Create a multi-phase security roadmap, with short-term and long-term goals to improve the security posture of the company
• Design and implement security strategies for cloud environments to protect against sophisticated threats. Architect and implement security solutions that safeguard the company’s network, data, and cloud AWS infrastructure.
• Design and implement security operations framework, including incident response, threat detection, and vulnerability management processes.
• Establish monitoring and logging solutions for real-time detection of security events using SIEM tools
• Establish a DevSecOps culture by integrating security into the software development lifecycle and drive the adoption of secure coding practices and participate in DevSecOps initiatives, integrating security into CI/CD pipelines.
• Collaborate with engineering, DevOps, and IT teams to ensure secure design, implementation, and operations of systems and applications.
• Lead the investigation, containment, and remediation of the security incidents.
• Continuously evaluate the security infrastructure and recommend improvements or new tools as threats evolve.
• Perform regular security assessments, penetration tests, and red team exercises to measure and improve defenses.
• Developing and conducting training programs for employees on information security and data protection policies.
• Raising awareness about threats related to cyberattacks, phishing, social engineering, and other risks.