Our world class Technology team is at the core of what we do. Our multidisciplinary team helps support the running of the current business and explores new and exciting technologies that keep Farfetch truly revolutionizing the industry. In Porto, the tech hub, with 400 people, is the fastest growing team working across all touch points, Web and Mobile. The team is committed into turning the company into the leading multi-channel platform.
The security team in Farfetch is seeking a passionate Security Engineer who loves to reveal potential weaknesses and then think on creative solutions to eliminate those weaknesses. Your skills are going to help the foundation of security initiatives that protect the security and privacy of our clients.
Let’s see how fast the bad guys run!
What you'll do:
- Administers Web Application Firewalls providing recommendations based on the false positive analysis;
- Helps to monitor infrastructure compliance of legal requirements and internal policies;
- Automates tasks on managing and configuring security-related services;
- Administers SIEM by monitoring log sources, setting and tweaking alerts feed by the Incident Response team;
- Manages IDS/IPS systems and creates custom rules based on situational awareness provided by Threat Intelligence feeds;
- Helps to maintain company-wide information security controls to protect the integrity of Farfetch's assets.
Who you are:
- Degree in Computer Science or higher in an Information Security field;
- Background in software development or systems administration;
- More than 4 years in a similar position;
- Good understanding of network protocols, design, and operations;
- Working knowledge of Security principles, techniques, and technologies;
- Comfortable with Web Application Firewalls, SIEM, IDS/IPS;
- Experience with defining and enforcing hardening and other security benchmarks;
- Experienced with multiple public Cloud environments (AWS, Azure, GCP);
- Knowledgeable of scripting tools like bash, python, Perl;
- Experience with automation tools like SaltStack, Ansible is a plus;
- Certifications on Information Security (CISSP, CEH, OSCP or similar);
- Team player with a DevSecOps mindset;
- Proficient in English, both written and spoken.
*We appreciate all applicants, but only selected candidates will be contacted by us. We assure you of confidential treatment of your application.