Cloud Security Engineer

« Back to Jobs

Cloud Security Engineer

YOOX NET A PORTER GROUP | Bologna, Provincia di Bologna, IT

Posted 20 days ago

Apply Now

Description

Technology is at the heart of YOOX NET-A-PORTER GROUP and is the driving force behind its success. Our in-house technology team allows The Group to give customers and brand partners the best possible experience across content and commerce, and to continually innovate and lead the online luxury industry.

The Cyber Security Function is an international team with team members based in London, Bologna and Milan. It is responsible for all aspects of the technical security of YNAP’s services in all markets. We also interface with the Richemont Group Cyber-Security team based in Geneva.

Some of the essentials for you to know are:

Location: Our office in Bologna and Milan

Department Size:  20 people (Approx.)

Reporting into: Cyber Security Assurance Manager

The Security Assurance team works with the infrastructure and application development teams within our Corporate, eCommerce and other application areas and includes expertise and commitment in:

  • Web & eCommerce Application Security
  • Infrastructure Security
  • Cloud Security

We are moving to create a security operating model by participating in the design, implementation and assurance of our cloud and on-prem infrastructures and networks.

Although the Assurance teams are then to assure design and deployment of systems is secure and aligned with policy, the intent is to facilitate and guide good security design and deployment, not simply assess other teams’ work.

Considering the provided context, we are looking for a strongly secure focused skillset person that can fit into a multi scoped team.

Here is a breakdown of what you’ll be doing:

  • Provide security practices, assist with all cloud infrastructure, and network design phases
  • Assessment of infrastructure and networks changes into the cloud to decide the proper security requirements
  • Arranging security assessment (like penetration test, and/or vulnerability assessment) and other security tests as may be required
  • Triage and prioritisation of vulnerabilities revealed during automated and manual infrastructure and networks testing
  • Coaching and assisting other YNAP tech teams to overcome vulnerabilities as may be required
  • Contributing to the enhancement of our secure program
  • Assisting in building a ‘security by design’ culture through our tech teams
  • Collaboration with other parts of the Cyber Security team
  • Actively working with all other tech, and not, functions into YNAP

The type of person we're looking for:

  • Experience with one or more cloud service providers, preferably AWS and Azure
  • Deep knowledge of cloud service architecture and how to improve the security in the cloud
  • Hands-on experience with monitoring cloud infrastructure, provide expertise on integrating different cloud providers and hybrid solutions
  • Identify security threats, misconfigurations that can cause security incidents or data leakages, defining the best solutions to avoid them
  • Experience assessing and consolidating security posture of Cloud infrastructures
  • Proven understanding of modern and updated information security methodologies and standards
  • Ability to break down complex problems into manageable and understandable tasks.
  • Ability to understand and take part to define High-level (HLD) and Low-level design (LLD) architectures, providing general and specific security best practices and secure controls
  • Pragmatic and problem-solving approach. This will not be ‘reading it from a book’ an instructing other, but working cooperatively with other teams to create and apply proper secure designs and solutions while achieving tight delivery timescales
  • Proven ability to work in a dynamic, fast paced environment
  • Availability to travel internationally
  • Fluent English and Italian

The following will be considered as a plus:

  • Container Security
  • Cloud/Security certifications
  • Infrastructure-as-Code, CI/CD, and other DevOps tooling experience

Depending on the candidate’s principal skillset you will be assigned to a specific sub-area between Application, Cloud or Infrastructure with the adequate seniority level, however a multi-disciplinary skillset and an open mindset is a plus in order to collaborate and be part of any decision and activity is required to perform.

From the moment you join the YOOX NET-A-PORTER GROUP we are committed to making your journey with us inspirational and evolutionary. If you are passionate, committed and thrive in a collaborative and fast-paced environment, then please apply with a CV.

YOOX NET-A-PORTER GROUP is an equal opportunities employer, we encourage people with a diverse range of backgrounds to apply. We recognize and celebrate the benefits that diversity brings to our workplace, our business and our customers. We welcome and will consider all applications regardless of race and nationality, religion, color, sex, pregnancy or related medical conditions, parental status, sexual orientation, gender identity, gender expression, age, status as an individual with a disability, or any other legally protected characteristics.If you require any reasonable adjustments to complete your application, please do not hesitate to advise us accordingly.Experience Level: Mid-Senior levelWorkplace Type: HybridSummary
  • Location: Milan, Italy; Bologna, Italy
  • Type: Full time