kevin. is a startup with a bright present and even brighter future. Here we dream big, and then we commit to making those dreams come true. We have already built things that were never built before - in-app payments, card redirect, and there is more to come.
How did we manage that? By hiring people that are talented, driven, ambitious. Our company provides an environment where people like that can flourish - they can learn, explore, innovate. And they do just that!
So come join us and add rocket fuel to your career! kevin. is a great place to explore paths that were not explored before, and actually make impactful decisions.
Cyber security operations are important for our company because they ensure continuous supervision of security controls utilized within kevin. ICT infrastructure. It ensures proper network, applications and devices security configuration in accordance with relevant security policies, international standards, hardening guides and best practices. This includes the security configuration of perimeter devices (e.g. firewalls, data diodes, intrusion detection and prevention systems), securing cloud solutions and cloud-based applications, web solutions, management of digital certificates, securing PKI systems, and setup of protective monitoring toolset (e.g. log feeds and log aggregation, security audit, and integrity monitoring), and implementing security policies (e.g. patching and security maintenance policy). The purpose of the role of Senior Cyber Security Operations Officer (hereinafter - SCSOO) is to strengthen kevin. ICT infrastructure against cyber threats by maintaining secure configurations, secure engineering and consistent security-oriented expert-level work across ICT solutions on-premises, on endpoints and on the cloud.
As our new Senior Cyber Security Operations Officer (SCSOO), you will:
- Take a lead role in planning and executing cyber security operations, maintaining security configuration management roadmap, cooperating with the leading engineers and security staff;
- Build capabilities and establishing a workflow for proper security configuration of kevin. ICT infrastructure by integrating related technological solutions on-premises, on endpoints and on the cloud, and by utilizing capabilities of the solutions that are already implemented.
- Apply relevant configuration and monitoring security policies, international standards, hardening guides and best practices by routine hands-on security configuration, patching monitoring, and managing access rights to the resources and systems.
- Participate in drafting architectural and governance documents on ICT networks, systems and applications, drafting patching, configuration management, access rights management and configuration monitoring policies and procedures.
- Monitor the health of security appliances, applications and devices, and security configuration of perimeter and border control devices (e.g. firewalls), intrusion detection solutions.
- Ensure feeding the SIEM system by proper event and incident log feeds.
- Initiate and escalate reactive or preventive cyber security operations.
- Actively participate in incidents handling and business continuity events, incident investigations, evidence collection and forensics;
- Assess and criticise systems' security plans, network architectures, security documentation as part of a vulnerability assessment or remediation engagements;
- Provide support for the teams who run penetration tests, consult software development, networking, coding and security staff by sharing expert knowledge.
What you need to be successful:
- A wish to take leadership as a process owner.
- Ability to organize the work-flow in assigned area, time frame and resources, and prioritize tasks.
- Degree in a related field such as Software Engineering, Math, Computer Science, IT or Cyber-Security, or 10+ years of experience in the related domain.
- Around of 3 years relevant hands-on working experience with firewalls, routers, networking, intrusion detection and prevention solutions, especially with the cloud-based technologies.
- Ability to develop scripts for laborious tasks that are necessary for getting proper configuration of security devices and applications, parse logs and data flows in order to feed SIEM system.
- Experience with the cloud solutions deployment on AWS, dynamic configuration of perimeter devices, network engineering, domain and DNS configuration, and integration of other supportive solutions like Cloud Flare, through APIs or custom based connectors.
- Understanding of network probing and scanning, DDoS, abnormal activities, such as patterns coming from ransomware, worms, trojans and viruses.
- Strong knowledge and understanding of current security vulnerabilities, attack vectors directed to the perimeter control devices based on-premises or in the cloud.
- Knowledge of network separation and segregation, networking protocols, TCP/IP stack, systems architecture, AWS framework, operating systems, web applications firewalls, access control tools, IDS/IPS technologies, and cryptography.
- Understanding of web-based exploit kits and attack methods on internet-faced solutions.
- Basic to medium knowledge of penetration techniques and digital forensics.
- Certification in one or more of the following, or in other comparable certifications or acknowledged courses is desirable: AWS Certified Solution Architect, AWS Advanced Networking, AWS Certified Security, GCSA, CISM, CISA, CEH, Cisco Security, Security +, CompTIA Cloud+, Certified Kubernetes Security Specialist.
We don’t play games when it comes to compensation packages and benefits for our employees. Our remuneration ranges from €5000 to €15000, based on your experience and competence. We not only provide competitive salaries, but we also offer several extra benefits, such as short- and long-term incentives, private health insurance, and much more. So if you’re looking for stability and comfort with a bit of excitement sprinkled in here and there, then kevin. is the place for you!
What will you get in addition:
- Competitive salary.
- Flexible salary payments - pick if you want to get your salary weekly, monthly or twice a month (applicable only for Lithuania based employees).
- Freedom to create, innovate, and make impactful decisions.
- Freelancer’s working schedule – just bring us the result on time.*
- Choose where to work from: our offices, your home, a little cabin in the woods, the beach - you get the point - just be reachable and do your job.*
- Talented and committed team members - the best of their fields.
- Full ownership of your tasks and decisions.
- Private Health Insurance.
- Full compliance with local law requirements and labour code.
*Expectations on location may apply depending on role and seniority
kevin.’s advanced A2A (account-to-account) payment infrastructure solution was created to swiftly change costly card payments to payments linked directly from customers’ bank accounts without using any third-party providers. kevin.’s technology scales to businesses of any size and across industries, including retail, parking, fashion, car-sharing, deliveries, insurance and many more. kevin. focuses on mobile and POS payments where customers predominantly pay using cards currently. Its payment infrastructure is based on open banking – regulated by the European PSD2 Directive – which requires all banks and financial institutions in the European Economic Area to open their API for licensed third-party providers. kevin. develops only own connections to the banks without using any third-party aggregators.
Currently, the Company supports more than 6,000 merchants in 15 markets, including Sweden, Finland, Poland, Spain, Netherlands, Baltics and Portugal, where the company has a coverage of more than 85% of bank customers. The firm’s services will be available in 28 European Economic Area (EEA) countries by the end of 2022. kevin. has a team of more than 190 employees in 20 countries and it plans to expand its workforce to beyond 350 employees in 2022.
kevin. is an equal opportunity employer and values diversity. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.