Sorry, this job is no longer available.

(Loading More Opportunities)

Security Engineer

Xneelo is a web hosting company of approximately 350 people, with teams in Cape Town (head office), Johannesburg, as well as Canada, Ukraine and India. We see ourselves as business enablers, stimulating the economy by helping the business mass market to interact and transact online.

Our security engineers make sure that the data of xneelo and her customers is protected. A large scale, mass-market hosting infrastructure is a complex beast requiring security automation and processes to make sure it can scale and perform securely, 24 x 7 x 365. The security team at xneelo looks to the security of the IT, OT, software and cloud infrastructure as a vital component of being trusted in hosting.  

We are passionate about frequent, iterative delivery of high-quality software and aim to build lasting solutions using Agile principles and the latest technology available. The security team at xneelo is a key part of this process.

We work together in autonomous teams that take full responsibility for their own part of the xneelo ecosystem and require an understanding of the Agile development philosophy. The security team owns some of the security related components of the ecosystem and consults with teams to ensure that systems they own are secure by design.

Locations: Remote or Cape Town, South Africa.

Timezones: UTC to UTC+3


The ideal candidate will come from a software development process in order to appreciate the security pitfalls of software development and how to speak dev.

Build and support systems providing security features such as firewalls, authentication and secrets management

Provide subject matter expertise on architecture, authentication and system security

Performing security reviews of new and existing services (IT, OT, Cloud and Software)

Liaising/Consulting internally with teams on security findings to solve vulnerabilities

Solving interesting and large scale backend technical challenges that affects security

Monitor application and audit logging for security anomalies

Automation of security anomaly detection and alerting

Participate in forensics of security incidents

Looking for opportunities to innovate and optimize our security solutions

The strengths and experience we’re looking for:

Excellent communicator, both verbal and written

Gets on well with people and knows how to have candid, “clear and kind” conversations

Fast learner who knows how to say “I messed up” and “I don’t know, please help”

Understands the security risks and mitigations through all the OSI layers

Gets the difference between “done” and “97% done” and the potentially significant costs of the latter

Strong networking skills

Excellent multi-tasking skills

Cool under pressure

No compromise attitude towards system security and stability

Is a servant leader

Self-motivation and self-management

Life-Long Learning

You probably have a passion for:

Thinking like a hacker & incident responder by diving into the security details of the software you’ve built or use

Keeping abreast of industry security news and developments

Zero trust design in networks and software

Multi layered security design

Programming, open-source Technologies and IT in general

Optimal systems and simple procedures

Agile development and a self-organizing team environment

Sharing ideas and innovation

Technical Requirements

Design & development of backend software and APIs

Object-oriented programming using a language like Ruby (equivalent will be considered)

Software development within the Linux/Unix environment

Software development using a containerization platform like Docker or Kubernetes

Agile development practices (team focus, continual improvement, automated tests, refactoring, continuous integration, pair programming

Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond)

Code quality reviews

Proactively identify and reduce security risks

Find and remove outdated and vulnerable code and code libraries

Git version control


BSc or BTech majoring in Computer Science will be advantageous, however, your ability to demonstrate your track record of security systems is what ultimately counts

A minimum of 4+ years of software development experience

Minimum of 2 years supporting a large scale application in an operational capacity

Minimum of 4+ years in a similar position

Desirable Skills and Experience

Security related security certifications such as CISSP and OSCP

Experience with Kubernetes or other container orchestration platforms

Understanding of database design (MySQL, Redis, etc.)

Familiarity with ElasticSearch

Experience with DevOps on a linux based platform

Experience with system administration on a linux based platform

Ruby software development experience preferred

Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP

Implementation and management of infrastructure and service monitoring systems

Exposure to secrets management solutions

Cloud Infrastructure as a service

Infrastructure automation such as Cloudformation, Ansible and Puppet

Network and host based security solutions like Palo Alto, Fortinet, Cisco or Cloudflare      

At xneelo, our sincere desire is that our team members are inspired by their success and able to operate with a high level of discretion and autonomy guided by our principles and values. We hope this appeals to you and look forward to hearing from you.

Cape Town, WC, ZA