This position will support our SaaS email platform, providing service to large customers for tens of millions of end users.Core competencies required include platform security, automated deployment, virtualization and internet protocols. You will be expected to provide quick resolution of difficult technical problems. This position will also be responsible for major contributions to technical architecture, documentation and systems project management.
Your passion / Your job
- Continuously review the security posture of the platform, and recommend and implement new security measures
- Define andcommunicate platform architecture and binding security concepts/policies at a deeply technical level both internally and externally
- Work as one of the team’s platform architecture experts, with a particular focus on the security of the platform
- Assist with administering mission-critical software such as Dovecot, LDAP, Galera, Cassandra, OX AppSuite with a particular focus on security and hardening
- Prepares system security reports by collecting, analyzing, and summarizing data and trends
- Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs
- Server configuration and management using Ansible / Chef
- Document architecture and essential function methodologies
- Assist with security audit and compliance tasks
- Collaborate with global operations teams
- Participate in a 24 x 7 on-call rotation
- Monitor system logs and activities
- Shell, Ruby, Python scripting
What you bring to the table
- Bachelor or master degree in computer science or comparable +10 years job experience
- 5+ years experience working as a Security Architect
- 8+ years experience working with Linux
- 5+ years working with VMWare or OpenStack
- Strong experience with configuring, validating and securing environments utilizing firewalls and iptables
- Experience and understanding of hardening Linux-based environments with heterogenous applications
- Knowledge of Internet, authentication, and authorization protocols (HTTP, LDAP, SAML, OAuth/Openid Connect), Privileged Identity Management, Identity Federation
- Knowledge of symmetric and asymmetric encryption technologies, including concepts such as Forward Secrecy, Padding Modes, Elliptic Curves
- Strong Experience with Linux kernel tuning, TCP/IP, Mcast and strong networking fundamentals
- Experience with configuring and operating a Host-based IDS such as OSSEC across a large platform
- Deep understanding of encryption technologies, including keeping cipher suite configurations up-to-date at the OS and application level
- Experience with security incident response
- Solid understanding of networking concepts: the OSI model, TCP, IP, routing, firewalls, load balancers
- Ability to work as part of the team but also self-manage
- Interest in learning new technologies and working with proof of concepts to promote new technologies
- Excellent written and verbal communication skills; willingness to present technical information to a group
- Understanding of multi-tiered applications
- Experience with logging technologies such as Graylog, ELK stack, or Splunk
- Design operations and implementation scripts and automation; configure and write supporting documentation
- Lead and assist in areas of technical innovations and security improvements
- Some domestic and international travel will be required
Open-Xchange is a developer of open source communication, collaboration, office productivity, and DNS-based security software and services. With 270+ employees and a global presence, Open-Xchange is well-positioned to meet the needs of our large Internet Service Provider, Hosting, Telecommunication, and Cable Provider audience. Open-Xchange SaaS (Software-as-a-Service) solutions are delivered by partners such as 1&1, Orange, Italiaonline, Comcast, GoDaddy, and Softbank, with more than 200 million users already using the products for private and business communication.
The core of the product portfolio is OX App Suite with applications for email, contacts, and appointments. In addition, OX App Suite can be expanded to include additional apps such as OX Drive for managing and synchronizing documents, images, and video, OX Documents for text editing, spreadsheets and presentations and OX Guard for encrypting emails and files. Dovecot, the world's leading open source IMAP server software, and PowerDNS, a provider of secure DNS services, complete the Open-Xchange product portfolio.
Open-Xchange is headquartered in Cologne, Germany, with offices in Bremen, Dortmund, Hamburg, Olpe, and Nuremberg. International offices include the USA, France, Finland, the Netherlands, Italy, Spain, and Japan.
If you are interested, please contact us for further information - or send us your paperless application with a cover letter including the job ID (see at the top left corner), tabular CV, certificates, salary expectations and the earliest possible date of entry by e-mail to email@example.com.