Sr. Security Analyst – EMEA or SE Asia at Tutuka

Remote | International
Tutuka

Company Description

About Tutuka
Tutuka’s technology allows millions of Visa, Mastercard and UnionPay transactions to be processed around the world. We provide simple-to-use APIs for issuing, redeeming and reconciling prepaid cards to help the complicated world of card processing. We have offices in Johannesburg, Dubai and Bangkok plus a remote team reaching from one side of the globe to the other. Our team is diverse and wide-spread but we all have a shared passion for delivering products that can change lives.

As the Senior Security Analyst at Tutuka you’lll be working with people across the company (but most closely with the technical team) on the proactive implementation, monitoring and testing of fraud and security systems protecting over US$1,000,000,000 (and growing) worth of transactions every year on our bank-level-1 PCI-DSS financial processing system that powers tens of millions of transactions, making it easy for people to issue, redeem and reconcile prepaid cards all over the world.

We have a team of amazing developers and system engineers that work out of our local offices in Johannesburg, South Africa as well as remotely across Europe and Southeast Asia, and now we need you to oversee our fraud and security systems and certifications.

But first….what’s in it for you? 

  • The flexibility of working remotely
  • Competitive salary, company share scheme, and generous paid time off plan
  • The chance to work with an exceptional and diverse team from one side of the globe to the other
  • Want to put some stamps in your passport? How does an annual visit to Johannesburg, South Africa sound?
  • Last but certainly not least, you’ll be part of a company that is passionate about social responsibility and changing lives for the better

Job Description

About the role

Every day is an exciting challenge, helping secure our hybrid cloud enterprise processing
environment. You’ll have the chance to:

  • Take a leadership role in driving security and privacy initiatives
  • Advocate, update and enforce security policies, training and best practices
  • Drive and execute on our annual PCI DSS Level 1 certification
  • Discover, analyze, assess, and respond to security threats
  • Understand offensive techniques/tactics and be able to prioritize mitigation techniques or technologies accordingly
  • Manage security-related hardware such as WAFs, HSMs, and endpoint security devices
  • Maintain relationships with security providers and incident response teams
  • Instrument and perform anomaly analysis of systems and applications
  • Discover new and interesting security problems (and then fix them!)
  • Implement ethical hacking, phishing, penetration testing and incident response simulations to find weaknesses before anybody else
  • Coordinate fraud monitoring, reporting and implement controls to limit exposure to coordinated fraud syndicates
  • Mentor other team members

Qualifications

We love taking on team members with a variety of skill levels, from intern to PhD. But there’s no getting around the fact that we need this person to know what they’re doing and hit the ground running. That means you’ll need significant experience and expertise in security and
security-related technologies.

About you: 

  • You are passionate about Information Security and have solid experience in the field
  • Independent, self-motivated and can stay efficient and productive without someone looking over your shoulder all day long
  • You’re pro-active and hands-on, with a strong knowledge of Internet security landscape
  • Understand modern web application architecture, TCP/IP, HTTP
  • Superb written and verbal English skills (with a professional yet fun demeanor)
  • Have the ability to work with others and helping them to understand that security is not an afterthought
  • You have thorough familiarity with techniques used by real world attackers and should be able to prioritize detection and attack surface reduction efforts based on this knowledge

Extra kudos are awarded for:

  • PCI DSS knowledge
  • HSM experience
  • Cryptography expertise

Additional Information

This is a full-time role open to pretty much any location from Africa over to SE Asia. Flexible hours are a must for our remote team and you’ll need to be able to occasionally align your schedule with Johannesburg, South Africa (GMT+2).

We focus on building strong, diverse teams built from different backgrounds, experiences and identities.

See all IT Jobs >

Sign up for Daily Remote Job Alerts!