Upstream

Senior Security & Compliance Engineer

Upstream

full-time

Posted on:

Location Type: Hybrid

Location: Gerakas • 🇬🇷 Greece

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

CloudCyber SecurityFirewallsLinuxPythonTCP/IP

About the role

  • Monitor and respond to security events, managing escalation and acting as a liaison during security incidents.
  • Serve as a dedicated security analyst for critical projects.
  • Lead the vulnerability management lifecycle, overseeing installation and patching efforts.
  • Conduct specialized security work, including security audits, Penetration Testing (e.g., CHECK, CREST, CEH, TIGER), evidence collection, and forensics analysis.
  • Drive and own technical tasks, pursuing their completion within time and technological constraints.
  • Contribute to end-user security education and awareness.
  • Maintain and update compliance posture, ensuring security policies and standards remain current and effective.
  • Serve as a primary technical resource for security-related client discussions, articulating technical concepts to various types of audiences.
  • Provide essential security content and review for commercial engagements, including RFPs, bids, and client assurances.

Requirements

  • **Networking & Infrastructure**: Excellent knowledge of TCP/IP. Comprehensive understanding of the core Linux network stack.
  • **Security Testing Methodologies:** Expert proficiency in essential security disciplines including Network Traffic and Protocol Analysis, comprehensive Vulnerability Assessment and Scanning methodologies, network service enumeration, and hands-on Web Application Penetration Testing techniques.
  • **System and Infrastructure Hardening:** Proven, hands-on experience in developing, implementing, and auditing standardized security baselines, robust configuration management controls, and effective patch management strategies across diverse operating system and application platforms, including critical data services.
  • **Security Control Systems**: Deep knowledge and hands-on experience with SIEM solutions and Vulnerability Management platforms.
  • ⮚ Experience implementing and managing IPS Systems (Cisco, Checkpoint) and Firewalls (Cisco, Checkpoint).
  • ⮚ Proficiency with DLP and Endpoint Protection solutions, including Application Control and Device Control.
  • ⮚ Experience with Web Application Firewalls (WAF).
  • ⮚ Familiarity with products for IDAM (Identity and Access Management).
  • **Data Protection**: Experienced in data encryption technologies and products.
  • **Development**: High-quality Python/shell development experience is considered a plus.
  • **Knowledge of Cloud and Mobile Security Architecture.**
  • **Experience in datacenter protection strategies.** **
  • **Security Governance: **Demonstrable knowledge of common security standards and compliance frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, SOC 2). Practical experience translating technical controls into formal, auditable security policies and procedures.**
  • **Formal Documentation:** Proven ability to translate complex security testing results, audits, and posture assessments into high-quality, professional, and accessible documentation suitable for internal leadership and external client assurance reviews.
  • **Stakeholder Communication:** Solid communication skills (both oral and written), being able to explain concepts and ideas to various types of audiences, with proven experience presenting technical security findings and strategy to both C-level executives and external clients.
  • **Additional Experience**
  • Knowledge of Cloud and Mobile Security Architecture and experience in datacenter protection strategies.
  • Prior experience in a network position will be considered a plus.
  • **Core Competencies**
  • **Operational Excellence**: Track record of meeting deadlines in challenging situations. Dependable, reliable, with strong attention to detail. Requires a flexible work style to ensure quality standards are met.
  • **Teamwork**: Strong team player, capable of providing guidelines and assistance to peers
Benefits
  • We offer a competitive base salary and benefits, directly dependent on the candidate’s qualifications and skills. The real excitement comes from working closely with a dynamic, smart, agile, and highly motivated team in a competitive and fast-paced environment.
  • Follow us on LinkedIn and stay updated on our latest news. Upstream is an equal-opportunity employer.
  • Upstream is an equal-opportunity employer. The Company does not discriminate on the basis of race, color, creed, pregnancy, religion, gender, national origin, age, disability, marital, or any other legally protected status. The Company also makes reasonable accommodations for disabled employees. Finally, the Company prohibits the harassment of any individual based on their protected status. This policy applies to all areas of personnel actions including recruitment, hiring, training, promotion, compensation, benefits, transfer,and social and recreational programs

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Penetration TestingVulnerability AssessmentNetwork Traffic AnalysisWeb Application Penetration TestingSystem HardeningSecurity AuditsData EncryptionPythonLinuxTCP/IP
Soft skills
Stakeholder CommunicationTeamworkOperational ExcellenceAttention to DetailDocumentation SkillsTechnical PresentationEnd-user EducationLiaison SkillsProblem SolvingTime Management
Certifications
CHECKCRESTCEHTIGERISO 27001NIST Cybersecurity FrameworkSOC 2