Workstream Purpose

The purpose of the IT and Security team is to provide best in class internal IT and Security services which enable and secure the business. We do so by supporting and improving organizational efficiency, effectivity, and productivity; whilst maintaining a strong security posture, both internal and external. To do so, we own and manage our internal tools, systems, and overall IT and Security operations

Being part of the IT and Security team means, we respond to any security and IT incidents, and proactively mitigates current or future threats, risks, and blockers to our systems and resources, and ultimately also that of our clients.

We are responsible for ensuring amazee.io’s IT Security governance, compliance and certifications, as well as ensuring the integrity of our data and privacy of information. Our work is essential to our services and reputation. Therefore, an effective IT and Security team is central to our survival as a business.

Responsibilities

• User Lifecycle Management and Identity and Access Management for all tools used by amazee.io
• Develop or procure, manage & maintain tools required by the amazee.io IT and Security team
• Coordinates IT and Security topics with all amazee.io teams, and handles requests resulting there of
• Writes and maintains IT Security policy and compliance documents and maintains the IT Security complicance database
• Drives IT Security certifications (getting certification projects up and running, coordination with external audit partners and other involved internal teams, recertification planning)
• Ensure high security awareness of employees through the use of awareness campaigns and training
• Maintain a strong security posture of amazee.io by monitoring the security status of Platform & Lagoon (Security Engineers only)
• Coordinate and collaborate with customer & community security teams during security incident & security audits (Security Engineers only)
• Lead investigations during security incidents and coordinate with all required internal and external parties (Security Engineers only)
• Monitor security bulletins of open source and governments and react accordingly (Security Engineers only)
• Maintains Risk Register for amazee.io and Lagoon (Security Engineers only)
• Supports Sales team by responding to security questions from potential customers (Security Sales Engineer only)

Roles

IT and Security Lead (CISO)

Application Security Engineer

Security & Compliance Engineer

IT Operations Engineer