Security Analyst in KUNA

KUNA
KUNA is a leading crypto banking platform encompassing KUNA Pay, KUNA.io, and KUNA Core.

KUNA Pay
KUNA Pay offers businesses a crypto banking solution. KUNA Pay opens the door to exploring new revenue channels or enhancing existing operations through straightforward cross-border transactions.

European businesses benefit from KUNA Pay’s ability to create crypto bank accounts, enabling them to accept crypto payments as a B2B provider and settle in Euros directly into bank accounts, bypassing direct crypto involvement.

KUNA.io — kuna.io/en
Launched by fintech innovator Michael Chobanyan in 2015, KUNA.io marked Ukraine’s entry into the public cryptocurrency exchange arena. The platform facilitates the exchange of fiat currency for cryptocurrencies and vice versa. It not only trades its own token, KUN, but also supports a wide array of major cryptocurrencies, allowing for trading through a dedicated mobile app.
KUNA.io is currently undergoing transformation and branching out into new European and EEA markets, driving improvements in user interface and functionality to better accommodate EU users. We are committed to offering a more regulated suite of investment products, including purchase, storage, sale, and transfer services under a VASP license in Lithuania.

KUNA Core
KUNA Core is a tool that allows businesses to implement a ready-made solution for simple and understandable interaction with Blockchain. KUNA Core project is to enable project partners to carry out a wide range of the crypto services.

Role in the project
We are seeking an experienced IT Security Specialist to join our team. As an IT Security Analist, you will be responsible for ensuring the security of our organization’s computer systems and networks. You will work closely with the IT team to implement and maintain security measures that protect our sensitive information and prevent unauthorized access.

Duties and Responsibilities
As an Information Security Analyst, you will play a crucial role in safeguarding our organisation’s assets from potential threats. You will be responsible for raising awareness with colleagues, assessing risks, implementing controls, and ensuring compliance with industry standards and best practices.

Key responsibilities include:

• Developing, maintaining and publishing ISMS documentation (processes, procedures and guidelines), ensuring overall governance and continual improvement of information security controls.
• Conduct regular security audits to identify vulnerabilities and recommend solutions
• Monitor network traffic for any suspicious activity or breaches
• Investigate security incidents and provide incident response support
• Install, configure, and maintain security systems such as firewalls and intrusion detection systems
• Perform vulnerability assessments and penetration testing
• Stay up-to-date with the latest security trends, threats, and technologies
• Collaborate with other IT teams to ensure security best practices are followed
• Provide training and guidance to employees on security awareness
• Maintaining conformance with ISO 27001, including adaptation of the ISMS to meet evolved structure and requirements of ISO 27002:2022, and other applicable standards.
• Helping expand the scope of ISO 27001 certification to include other international entities of the firm, especially with local processes, risks, controls, internal and external audits and management review
• Evaluate, select, implement and maintain security tools, infrastructure, and automation.
• Advise teams on developing pragmatic solutions that achieve business requirements to maintain acceptable levels of risk.
• Automate tasks and processes related to security monitoring to increase efficiency.
• Conduct thorough investigations of security incidents and provide detailed reports and recommendations.
• Participate in the company’s incident response team and assist with emergency procedures as needed.

Requirements

• Trained as an auditor in ISO management systems, ideally ISO 27001 but relevant others also considered.
• Strong knowledge of certifications and standards such as ISO 27001, Cyber Essentials (plus), ISO 22301 and/or NIST controls
• Good awareness of IT security measures, best practices and industry standards.
• Experience with incident response procedures and tools.
• Good understanding of cyber security and technology
• Knowledge of cloud security or services, especially AWS
• Practical and/or theoretical knowledge of security protocols and tools
• Strong knowledge of computer networking principles and protocols
• Experience with network support and troubleshooting
• Familiarity with operating systems such as Linux, etc.
• Familiarity with Kubernetes
• Proficiency in configuring and managing Kubernetes networks
• Understanding of network architecture and design principles
• Knowledge of PKI (Public Key Infrastructure) concepts and implementation
• Experience with APIs (Application Programming Interfaces) for integration purposes
• Familiarity with WAF,
• Experience with monitoring tools, such as Prometheus, Kibana, Grafana,
• Experience working with AST (Application Security Testing) tools and their integration into the CI/CD pipeline.
• Knowledgeable of Cloud Networking & Security (WAF, DNS, Subnets, VPCs, VPNs, IAM, Roles, Security Groups)

Would be a plus :

• Some coding knowledge is a bonus, but overall understanding of coding practices is required;
• SecOps approaches will be plus;
• Experience with Atlassian tools like Jira and Confluence.
• AWS certification.

We offer:

• Remote work with flexible schedule 5/2;
• Official salary;
• Opportunity for rapid career and professional growth;
• Competitive salary level;
• Work in a team of professionals;
• Office in Warsaw.

What this job will do for you:

• We have a socially important project, and we want to solve universal problems with payments;
• We are ready to give you all necessary knowledge and training, and we are open to use your knowledge and experience to achieve success;
• If you are proactive, have good communication skills and strive to develop in the field of fintech, we will be glad to see you in our team. Please attach your CV and a cover letter briefly describing yourself and your professional interests.